CVE-2026-21920
moderate-risk
Published 2026-01-15
An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an SRX Series device configured for DNS processing, receives a specifically formatted DNS request flowd will crash and restart, which causes a service interruption until the process has recovered. This issue affects Junos OS on SRX Series: * 23.4 versions before 23.4R2-S5, * 24.2 versions before 24.2R2-S1, * 24.4 versions before 24.4R2. This issue does not affect Junos OS versions before 23.4R1.
Do I need to act?
-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (18)
Affected Vendors
References (2)
Vendor Advisory
https://kb.juniper.net/JSA106020
Vendor Advisory
https://supportportal.juniper.net/JSA106020
45
/ 100
moderate-risk
Severity
26/34 · High
Exploitability
0/34 · Minimal
Exposure
19/34 · Moderate