CVE-2026-21920
📋 TL;DR
An unauthenticated attacker can send specially crafted DNS requests to Juniper SRX Series devices running vulnerable Junos OS versions, causing the flowd process to crash and restart. This results in a denial-of-service condition until the process recovers. Only SRX Series devices with DNS processing configured are affected.
💻 Affected Systems
- Juniper Networks SRX Series
📦 What is this software?
Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
⚠️ Risk & Real-World Impact
Worst Case
Continuous exploitation could cause repeated flowd crashes, leading to sustained service interruption and potential network instability.
Likely Case
Intermittent DoS events causing temporary service disruption until flowd restarts automatically.
If Mitigated
With proper network controls, the attack surface is reduced, but vulnerable devices remain at risk if exposed.
🎯 Exploit Status
Attack requires sending specifically formatted DNS requests to vulnerable devices.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Junos OS 23.4R2-S5, 24.2R2-S1, 24.4R2 or later
Vendor Advisory: https://kb.juniper.net/JSA106020
Restart Required: Yes
Instructions:
1. Download the appropriate Junos OS version from the Juniper support portal.
2. Install it using the 'request system software add' command.
3. Reboot the device after installation.
🔧 Temporary Workarounds
Disable DNS processing
If DNS functionality is not required, disable DNS processing on SRX devices.
delete system name-server
Restrict DNS access
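Use firewall policies to restrict DNS traffic to trusted sources only. The policy that permits the trusted sources must be evaluated before the one that denies everything else, and trusted-dns-servers must exist as an address-book entry.
set security policies from-zone untrust to-zone trust policy dns-allow-trusted match source-address trusted-dns-servers
set security policies from-zone untrust to-zone trust policy dns-allow-trusted match destination-address any
set security policies from-zone untrust to-zone trust policy dns-allow-trusted match application junos-dns
set security policies from-zone untrust to-zone trust policy dns-allow-trusted then permit
set security policies from-zone untrust to-zone trust policy dns-restrict match source-address any
set security policies from-zone untrust to-zone trust policy dns-restrict match destination-address any
set security policies from-zone untrust to-zone trust policy dns-restrict match application junos-dns
set security policies from-zone untrust to-zone trust policy dns-restrict then deny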
🧯 If You Can't Patch
- Implement strict network segmentation to limit DNS traffic to vulnerable devices
- Deploy intrusion prevention systems to detect and block malicious DNS patterns
🔍 How to Verify
Check if Vulnerable:
Check Junos OS version with 'show version' and verify if DNS processing is configured with 'show configuration system name-server'
Check Version:
show version
Verify Fix Applied:
After patching, verify version is at or above patched versions and test DNS functionality
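An added example, not part of the original advisory or of Juniper's tooling: a Python check that compares a 'show version' string against the patched releases listed above. It assumes the standard YY.NRn-Sn release naming, treats trains newer than 24.4 as fixed on the strength of the "or later" wording, and reports trains this page does not list as unknown.

```python
import re

# Patched releases listed on this page, keyed by release train (major, minor).
# Values are (R number, S number); 24.4R2 has no service release, so S = 0.
FIXED = {(23, 4): (2, 5), (24, 2): (2, 1), (24, 4): (2, 0)}

# Matches standard release names such as 23.4R2-S5.3 or 24.4R2.
_VER = re.compile(r"(\d+)\.(\d+)R(\d+)(?:-S(\d+))?")


def parse_junos(text):
    """Return ((major, minor), (R, S)) from 'show version' output, or None."""
    for line in text.splitlines():
        if line.strip().startswith("Junos:"):
            text = line  # prefer the version line over other numbers
            break
    m = _VER.search(text)
    if m is None:
        return None
    major, minor, rel, svc = m.groups()
    return (int(major), int(minor)), (int(rel), int(svc or 0))


def fix_status(text):
    """Classify a version as 'fixed', 'below-fix' or 'unknown'."""
    parsed = parse_junos(text)
    if parsed is None:
        return "unknown"  # e.g. legacy X-release naming
    train, level = parsed
    if train in FIXED:
        return "fixed" if level >= FIXED[train] else "below-fix"
    if train > max(FIXED):
        return "fixed"  # assumption: "or later" covers newer trains
    return "unknown"  # older train: the page lists no fixed release for it


# Constructed sample output, not captured from a real device.
SAMPLE = """Hostname: srx-lab
Model: srx345
Junos: 23.4R2-S3.9
"""

if __name__ == "__main__":
    print(fix_status(SAMPLE))  # below-fix
```

An unknown result means the vendor advisory has to be consulted for that train; it does not mean the device is unaffected.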
📡 Detection & Monitoring
Log Indicators:
- flowd process crashes in system logs
- DNS request anomalies in traffic logs
Network Indicators:
- Unusual DNS traffic patterns to SRX devices
- DNS requests with malformed formatting
SIEM Query:
source="junos" AND (("flowd" AND "crash") OR ("DNS" AND "malformed"))