# Juniper Networks MX Series Firewall Filter Bypass Vulnerability (CVE-2026-33774)

## Vulnerability Overview

* **CVE ID:** CVE-2026-33774
* **Severity:** Medium (CVSS v3.1: 6.5, v4.0: 6.9)
* **Description:** A vulnerability exists in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series, classified as "Improper Check for Unusual or Exceptional Conditions." An unauthenticated, network-based attacker can exploit this vulnerability to bypass configured firewall filters and access the device control plane.
* **Specific Scenario:** On MX platforms (MPC10, MPC11, LC4800, LC9600 line cards, MX104), firewall filters applied to a non-0 unit of the lo0 interface will not take effect if that interface is not referenced in any Routing Instance (RI) configuration (i.e., it is used in the default RI).

## Affected Scope

* **Affected Platforms:** MX Series (MPC10, MPC11, LC4800, LC9600 line cards, MX104)
* **Affected Versions:**
  * All versions prior to 23.3R2
  * 23.4 versions prior to 23.4R2-57
  * 24.2 versions prior to 24.2R2
  * 24.4 versions prior to 24.4R2

## Remediation

* **Fixed Versions:** 23.3R2-56, 23.4R2-57, 24.2R2, 24.4R2, 25.1R1, and all subsequent versions.
* **Workaround:** Rename the lo0 logical unit used in the default routing instance from non-0 to 0.

## Relevant Configuration/Verification Code

```bash
# Example of affected configuration
user@host# show configuration interfaces lo0 | display set
set interfaces lo0 unit 1 family inet filter input

# Verification command (displays no match, indicating the filter is not active)
user@device> show firewall counter filter
```
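To audit saved configurations for the condition described under "Specific Scenario", the following added example (not from the advisory or from Juniper) scans `display set` output for non-0 lo0 units that carry an input filter but are not referenced by any routing instance. The function name, the sample configuration and its filter and instance names are constructed for illustration, and matching any address family and `input-list` is an assumption that goes beyond the single `family inet` line shown above; the script checks configuration only, not platform or release.

```python
import re

# Constructed sample of `show configuration | display set` output (not from a real device).
SAMPLE_CONFIG = """\
set interfaces lo0 unit 1 family inet filter input PROTECT-RE
set interfaces lo0 unit 1 family inet address 192.0.2.1/32
set interfaces lo0 unit 2 family inet6 filter input-list PROTECT-RE-V6
set interfaces lo0 unit 3 family inet address 192.0.2.3/32
set routing-instances CUST-A instance-type vrf
set routing-instances CUST-A interface lo0.2
"""

# lo0 logical unit with an input filter (single filter or input-list member).
FILTER_RE = re.compile(
    r"^set interfaces lo0 unit (\d+) family (\S+) filter input(?:-list)? (\S+)")
# lo0 logical unit bound to a named routing instance.
RI_RE = re.compile(r"^set routing-instances \S+ interface lo0\.(\d+)\b")


def find_unenforced_lo0_filters(config_text):
    """Return sorted (unit, family, filter_name) tuples matching the advisory's condition."""
    filters, ri_units = [], set()
    for raw in config_text.splitlines():
        line = raw.strip()
        m = FILTER_RE.match(line)
        if m:
            filters.append((int(m.group(1)), m.group(2), m.group(3)))
            continue
        m = RI_RE.match(line)
        if m:
            ri_units.add(int(m.group(1)))
    # Affected condition: non-0 unit, has an input filter, and is not referenced
    # by any routing instance (so it lives in the default routing instance).
    return sorted(f for f in filters if f[0] != 0 and f[0] not in ri_units)


if __name__ == "__main__":
    for unit, family, name in find_unenforced_lo0_filters(SAMPLE_CONFIG):
        print(f"lo0.{unit}: {family} input filter {name} is in the default RI on a "
              f"non-0 unit; upgrade or move it to unit 0 (CVE-2026-33774)")
```

An empty result after applying the workaround (the same filter on `lo0 unit 0`) confirms that the configuration no longer matches the affected pattern.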