CVE-2026-21917

7.5 HIGH

📋 TL;DR

An unauthenticated attacker can cause a denial-of-service on Juniper SRX Series firewalls by sending specially crafted SSL packets to devices with UTM Web-Filtering enabled. This causes FPC crashes and restarts, disrupting network traffic. Affected systems include SRX Series running specific vulnerable Junos OS versions.

💻 Affected Systems

Products:
  • Juniper Networks SRX Series
Versions: Junos OS: 23.2R2-S2 to before 23.2R2-S5, 23.4R2-S1 to before 23.4R2-S5, 24.2 before 24.2R2-S2, 24.4 before 24.4R1-S3 and 24.4R2. Earlier versions also affected but no fix available.
Operating Systems: Junos OS
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when UTM Web-Filtering is configured and enabled on the SRX device

📦 What is this software?

Junos by Juniper

Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete network outage as firewall crashes and restarts, disrupting all traffic passing through the device

🟠

Likely Case

Intermittent service disruptions during FPC crash/restart cycles, potentially causing packet loss and connectivity issues

🟢

If Mitigated

Minimal impact if device is not internet-facing and has proper network segmentation

🌐 Internet-Facing: HIGH - Unauthenticated network-based attack means internet-facing SRX devices are directly vulnerable
🏢 Internal Only: MEDIUM - Internal attackers or malware could still exploit this, but requires network access to the SRX device

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW - Unauthenticated network-based attack with specifically malformed SSL packets

Attack requires sending malformed SSL packets to trigger the vulnerability in the Web-Filtering module

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Junos OS: 23.2R2-S5, 23.4R2-S5, 24.2R2-S2, 24.4R1-S3, 24.4R2 and later

Vendor Advisory: https://kb.juniper.net/JSA105996

Restart Required: Yes

Instructions:

1. Download the appropriate Junos OS version from the Juniper support portal.
2. Back up the current configuration.
3. Install the update via the CLI or the J-Web interface.
4. Reboot the device to apply the changes.
5. Verify the version with the 'show version' command.

🔧 Temporary Workarounds

Disable UTM Web-Filtering

all

Temporarily disable UTM Web-Filtering feature to prevent exploitation

set security utm feature-profile web-filtering type juniper-local
delete security utm feature-profile web-filtering

Restrict SSL Traffic

all

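Implement firewall rules to restrict SSL traffic to trusted sources only. As written, the example policy below denies all junos-https traffic from the untrust zone to the trust zone; to keep trusted sources working, place a permit policy matching their addresses ahead of it, since Junos evaluates the policies of a zone pair in order and applies the first match.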

set security policies from-zone untrust to-zone trust policy restrict-ssl match source-address any
set security policies from-zone untrust to-zone trust policy restrict-ssl match destination-address any
set security policies from-zone untrust to-zone trust policy restrict-ssl match application junos-https
set security policies from-zone untrust to-zone trust policy restrict-ssl then deny

🧯 If You Can't Patch

  • Implement strict network segmentation to limit access to SRX management interfaces
  • Deploy intrusion prevention systems (IPS) to detect and block malformed SSL packets

🔍 How to Verify

Check if Vulnerable:

Check if UTM Web-Filtering is enabled: 'show configuration security utm feature-profile web-filtering' and verify Junos version is in affected range

Check Version:

show version | match Junos

Verify Fix Applied:

Run 'show version' to confirm Junos OS version is patched (23.2R2-S5+, 23.4R2-S5+, 24.2R2-S2+, 24.4R1-S3+, or 24.4R2+)
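
The version and configuration checks above can be combined into one triage step. The following is an added example, not code from this page or from Juniper: it parses a Junos release string (or `show version` output) and compares it against the ranges listed on this page. The function names, result labels and the sample output are constructed for illustration, and the `web_filtering_configured` flag is assumed to come from the 'show configuration security utm feature-profile web-filtering' check.

```python
import re

# Ranges as stated on this page: train -> (first affected or None, first fixed).
# Tuples are (R-number, S-number); a release with no -S suffix has S = 0.
RANGES = {
    (23, 2): ((2, 2), (2, 5)),   # 23.2R2-S2 up to, not including, 23.2R2-S5
    (23, 4): ((2, 1), (2, 5)),   # 23.4R2-S1 up to, not including, 23.4R2-S5
    (24, 2): (None,   (2, 2)),   # 24.2 before 24.2R2-S2
    (24, 4): (None,   (1, 3)),   # 24.4 before 24.4R1-S3 (24.4R2 sorts above it)
}
VERSION_RE = re.compile(r"(\d+)\.(\d+)R(\d+)(?:-S(\d+))?")

def parse_junos(text):
    """Return ((major, minor), (R, S)) from a version string or 'show version' output."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    major, minor, rel, svc = (int(g) if g else 0 for g in m.groups())
    return (major, minor), (rel, svc)

def classify(text, web_filtering_configured):
    """Return 'exposed', 'affected-version-only', 'fixed' or 'unlisted'."""
    parsed = parse_junos(text)
    if parsed is None or parsed[0] not in RANGES:
        return "unlisted"            # train not enumerated on this page
    train, release = parsed
    first_affected, first_fixed = RANGES[train]
    if release >= first_fixed:
        return "fixed"
    if first_affected is not None and release < first_affected:
        return "unlisted"            # below the range the page enumerates
    # Affected release: only exposed when UTM Web-Filtering is configured.
    return "exposed" if web_filtering_configured else "affected-version-only"

if __name__ == "__main__":
    # Constructed sample of 'show version' output, not taken from a real device.
    sample = "Hostname: fw-lab\nModel: srx345\nJunos: 23.4R2-S3.9\n"
    print(classify(sample, web_filtering_configured=True))
```

A result of 'unlisted' means the release is outside the ranges this page enumerates; check the vendor advisory for that train.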

📡 Detection & Monitoring

Log Indicators:

  • FPC crash messages in system logs
  • Web-filtering module errors
  • Unexpected device restarts

Network Indicators:

  • Multiple malformed SSL packets to SRX device
  • Sudden traffic drops through firewall

SIEM Query:

source="SRX" AND ("FPC crash" OR "web-filtering" OR "kernel panic")
