CVE-2026-33793

Summary

An Execution with Unnecessary Privileges vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system.

When a configuration that allows unsigned Python op scripts is present on the device, a non-root user is able to execute malicious op scripts as a root-equivalent user, leading to privilege escalation. 

This issue affects Junos OS: 

  • All versions before 22.4R3-S7, 
  • from 23.2 before 23.2R2-S4, 
  • from 23.4 before 23.4R2-S6,
  • from 24.2 before 24.2R1-S2, 24.2R2, 
  • from 24.4 before 24.4R1-S2, 24.4R2; 

Junos OS Evolved: 

  • All versions before 22.4R3-S7-EVO, 
  • from 23.2 before 23.2R2-S4-EVO, 
  • from 23.4 before 23.4R2-S6-EVO,
  • from 24.2 before 24.2R2-EVO, 
  • from 24.4 before 24.4R1-S1-EVO, 24.4R2-EVO.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS0 < 22.4R3-S7affected
Juniper NetworksJunos OS23.2 < 23.2R2-S4affected
Juniper NetworksJunos OS23.4 < 23.4R2-S6affected
Juniper NetworksJunos OS24.2 < 24.2R1-S2, 24.2R2affected
Juniper NetworksJunos OS24.4 < 24.4R1-S2, 24.4R2affected
Juniper NetworksJunos OS Evolved0 < 22.4R3-S7-EVOaffected
Juniper NetworksJunos OS Evolved23.2 < 23.2R2-S4-EVOaffected
Juniper NetworksJunos OS Evolved23.4 < 23.4R2-S6-EVOaffected
Juniper NetworksJunos OS Evolved24.2 < 24.2R2-EVOaffected
Juniper NetworksJunos OS Evolved24.4 < 24.4R1-S1-EVO, 24.4R2-EVOaffected

Weaknesses

  • CWE-250: CWE-250: Execution with Unnecessary Privileges

Workarounds

Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References