Alert GCSA-26118 - Vulnerabilita' in Juniper Junos OS e altri prodotti

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ****************************************************************** alert ID: GCSA-26118 data: 09 luglio 2026 titolo: Vulnerabilita' in Juniper Junos OS e altri prodotti ****************************************************************** :: Descrizione del problema Juniper Networks ha pubblicato 27 avvisi di sicurezza, con i quali vengono risolte varie vulnerabilita', in maggioranza relative a Junos OS: 23 CVE individuali piu' 4 avvisi di prodotto raggruppati. Al momento non e' noto alcuno sfruttamento attivo delle vulnerabilita' elencate. Maggiori informazioni sono disponibili alla sezione "Riferimenti". :: Apparati e software interessati Junos OS on SRX Series, MX Series (with SPC3), EX Series, QFX Series Junos OS Evolved on PTX Series, QFX Series Junos Space (prior to 26.1R1 Patch V1) cRPD (prior to 26.2R1) Network Director (prior to 7.1R3) CTPView (prior to 9.3R2-3) Per una descrizione completa dei dispositivi interessati, si prega di far riferimento ai Security Advisories ufficiali. :: Impatto Bypass delle funzionalita' di sicurezza (SFB) Esecuzione remota di codice arbitrario (RCE) Accesso a dati riservati (ID) Denial of Service (DoS) :: Soluzioni Si consiglia di valutare l'impatto delle vulnerabilita' sui dispositivi in uso, e di aggiornare il prima possibile. Maggiori informazioni sono disponibili alla sezione "Riferimenti". :: Riferimenti Juniper Support Portal Search Results - Security Advisories https://supportportal.juniper.net/s/global-search/%40uri#sortCriteria=date%20descending&f-sf_primarysourcename=Knowledge&f-sf_articletype=Security%20Advisories&numberOfResults=50 JSA110093: Junos OS: MX Series: Web filtering doesn't block specifically formatted URLs (CVE-2026-57054) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-Web-filtering-doesn-t-block-specifically-formatted-URLs-CVE-2026-57054 CVSS (Max): 5.8 CVE-2026-57054 JSA110091: Junos OS: MX Series: For subscribers configured on static interfaces, input filters are not in effect (CVE-2026-57031) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-For-subscribers-configured-on-static-interfaces-input-filters-are-not-in-effect-CVE-2026-57031 CVSS (Max): 4.7 CVE-2026-57031 JSA110079: Junos OS: MX Series: Specific traffic causes an FPC to reset (CVE-2026-57019) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-Specific-traffic-causes-an-FPC-to-reset-CVE-2026-57019 CVSS (Max): 6.5 CVE-2026-57019 JSA110075: Junos OS: MX Series: In a VC scenario a high rate of micro-BFD session flaps will cause an FPC crash (CVE-2026-33800) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-In-a-VC-scenario-a-high-rate-of-micro-BFD-session-flaps-will-cause-an-FPC-crash-CVE-2026-33800 CVSS (Max): 6.5 CVE-2026-33800 JSA110086: Junos OS: MX Series with SPC3, SRX Series: Processing of a specifically malformed SIP invite causes a flowd crash (CVE-2026-57026) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-SRX-Series-Processing-of-a-specifically-malformed-SIP-invite-causes-a-flowd-crash-CVE-2026-57026 CVSS (Max): 7.5 CVE-2026-57026 JSA110084: Junos OS: MX Series with SPC3, SRX Series: Repeated VPN negotiation failures will eventually cause iked to crash continuously (CVE-2026-57024) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-with-SPC3-SRX-Series-Repeated-VPN-negotiation-failures-will-eventually-cause-iked-to-crash-continuously-CVE-2026-57024 CVSS (Max): 5.3 CVE-2026-57024 JSA110083: Junos OS: MX Series with SPC3, SRX Series: A specifically malformed TCP packet causes a flowd crash (CVE-2026-57023) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-SRX-Series-A-specifically-malformed-TCP-packet-causes-a-flowd-crash-CVE-2026-57023 CVSS (Max): 7.5 CVE-2026-57023 JSA110082: Junos OS: MX Series with SPC3, SRX Series: Specific packet in response to a TCP connection establishment by the affected device can crash the PFE (CVE-2026-57022) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-SRX-Series-Specific-packet-in-response-to-a-TCP-connection-establishment-by-the-affected-device-can-crash-the-PFE-CVE-2026-57022 CVSS (Max): 5.9 CVE-2026-57022 JSA110085: Junos OS and Junos OS Evolved: EX Series, QFX Series, MX Series: A specific 'show l2-learning' command causes l2ald crash (CVE-2026-57025) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-EX-Series-QFX-Series-MX-Series-A-specific-show-l2-learning-command-causes-l2ald-crash-CVE-2026-57025 CVSS (Max): 5.5 CVE-2026-57025 JSA110092: Junos OS: EX Series: Subscribing to an unsupported telemetry sensor path causes fxpc process crash (CVE-2026-57032) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-EX-Series-Subscribing-to-an-unsupported-telemetry-sensor-path-causes-fxpc-process-crash-CVE-2026-57032 CVSS (Max): 6.5 CVE-2026-57032 JSA110077: Junos OS: EX Series: Unauthorized users can execute service-impacting CLI command (CVE-2026-33802) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-EX-Series-Unauthorized-users-can-execute-service-impacting-CLI-command-CVE-2026-33802 CVSS (Max): 5.5 CVE-2026-33802 JSA110090: Junos OS: SRX Series: Flow sessions are not getting cleared leading to a DoS (CVE-2026-57030) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-SRX-Series-Flow-sessions-are-not-getting-cleared-leading-to-a-DoS-CVE-2026-57030 CVSS (Max): 5.9 CVE-2026-57030 JSA110081: Junos OS: SRX Series: If VPN compliance-check is configured an attacker can cause http-gk process crash (CVE-2026-57021) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-SRX-Series-If-VPN-compliance-check-is-configured-an-attacker-can-cause-http-gk-process-crash-CVE-2026-57021 CVSS (Max): 5.3 CVE-2026-57021 JSA110087: Junos OS: EX4100 Series, EX4400: With sFlow configured in a VC scenario multicast traffic leads to an FPC crash (CVE-2026-57027) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-EX4100-Series-EX4400-With-sFlow-configured-in-a-VC-scenario-multicast-traffic-leads-to-an-FPC-crash-CVE-2026-57027 CVSS (Max): 6.5 CVE-2026-57027 JSA110080: Junos OS: QFX10000 Series: IPv6 multicast traffic received on non-IRB interfaces causes a multicast flood (CVE-2026-57020) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-QFX10000-Series-IPv6-multicast-traffic-received-on-non-IRB-interfaces-causes-a-multicast-flood-CVE-2026-57020 CVSS (Max): 6.5 CVE-2026-57020 JSA110076: Junos OS and Junos OS Evolved: When a specifically malformed BGP route update is received RPD crashes (CVE-2026-33801) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-a-specifically-malformed-BGP-route-update-is-received-RPD-crashes-CVE-2026-33801 CVSS (Max): 6.5 CVE-2026-33801 JSA110074: Junos OS and Junos OS Evolved: Receipt of a specific SNMPv3 request results in memory leak and eventual snmpd crash (CVE-2026-33799) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-SNMPv3-request-results-in-memory-leak-and-eventual-snmpd-crash-CVE-2026-33799 CVSS (Max): 7.5 CVE-2026-33799 JSA110072: Junos OS and Junos OS Evolved: Configuration of a specific SSH option results in mgd crash (CVE-2026-21901) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Configuration-of-a-specific-SSH-option-results-in-mgd-crash-CVE-2026-21901 CVSS (Max): 4.4 CVE-2026-21901 JSA110078: Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker (CVE-2026-33803) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-A-port-which-has-been-inadvertently-exposed-can-be-reached-by-an-attacker-CVE-2026-33803 CVSS (Max): 6.5 CVE-2026-33803 JSA110089: Junos OS Evolved: QFX Series: When sFlow collector reachability changes evo-pfemand process can crash (CVE-2026-57029) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-QFX-Series-When-sFlow-collector-reachability-changes-evo-pfemand-process-can-crash-CVE-2026-57029 CVSS (Max): 5.3 CVE-2026-57029 JSA110088: Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker (CVE-2026-57028) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-A-port-which-has-been-inadvertently-exposed-can-be-reached-by-an-attacker-CVE-2026-57028 CVSS (Max): 7.3 CVE-2026-57028 JSA110073: Junos OS Evolved: PTX Series: Receipt of repeated ECMP routing updates results in PFE crash (CVE-2026-33794) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-PTX-Series-Receipt-of-repeated-ECMP-routing-updates-results-in-PFE-crash-CVE-2026-33794 CVSS (Max): 5.9 CVE-2026-33794 JSA110068: Junos OS Evolved: URL handling vulnerability in libfetch results in heap buffer overflow (CVE-2020-7450) https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-URL-handling-vulnerability-in-libfetch-results-in-heap-buffer-overflow-CVE-2020-7450 CVSS (Max): 7.8 CVE-2020-7450 JSA110070: Junos Space: Multiple vulnerabilities resolved in 26.1R1 Patch V1 Release https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-26-1R1-Patch-V1-Release CVSS (Max): 9.9* CVE-2025-49844 JSA110071: cRPD: Multiple vulnerabilities resolved in cRPD 26.2R1 https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-cRPD-Multiple-vulnerabilities-resolved-in-cRPD-26-2R1 CVSS (Max): 7.5 CVE-2024-45490 JSA110069: Network Director: Multiple vulnerabilities resolved in 7.1R3 release https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Network-Director-Multiple-vulnerabilities-resolved-in-7-1R3-release CVSS (Max): 7.5 CVE-2026-34481 JSA110067: CTPView: Multiple vulnerabilities resolved in 9.3R2-3 Release https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-CTPView-Multiple-vulnerabilities-resolved-in-9-3R2-3-Release CVSS (Max): 10.0 CVE-2025-68121 GARR CERT Security Alert - subscribe/unsubscribe: https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert -----BEGIN PGP SIGNATURE----- iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCak9qQgAKCRDBnEyTZRJg QmzTAJ4rFrUrEWitITDu7IP98kbwkDdPawCgxUFZWRAO0ozazwa5o2/fIhVgjzM= =FfYZ -----END PGP SIGNATURE-----