CVE-2026-21914

Published Jan 15, 2026

Last updated a month ago

CVSS high 8.7

Overview

Description: An Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (Dos). If an SRX Series device receives a specifically malformed GPRS Tunnelling Protocol (GTP) Modify Bearer Request message, a lock is acquired and never released. This results in other threads not being able to acquire a lock themselves, causing a watchdog timeout leading to FPC crash and restart. This issue leads to a complete traffic outage until the device has automatically recovered. This issue affects Junos OS on SRX Series: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S3, * 24.4 versions before 24.4R2-S2, * 25.2 versions before 25.2R1-S1, 25.2R2.
Source: sirt@juniper.net
NVD status: Analyzed
Products: junos

Risk scores

CVSS 4.0

Type: Secondary
Base score: 8.7
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X
Severity: HIGH

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

sirt@juniper.net: CWE-667

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "57F66641-003B-49D6-A9B9-AB300CFE3C93",
            "versionEndExcluding": "22.4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
            "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
            "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
            "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
            "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
            "matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
            "matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
            "matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*",
            "matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*",
            "matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*",
            "matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*",
            "matchCriteriaId": "494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s5:*:*:*:*:*:*",
            "matchCriteriaId": "60A1E37B-1990-44D9-87FE-300678243BE2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s6:*:*:*:*:*:*",
            "matchCriteriaId": "D306ED88-8700-4FD4-8919-3C85728C04C3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s7:*:*:*:*:*:*",
            "matchCriteriaId": "11340C63-A638-420C-85C9-1B4438C88D52",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
            "matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
            "matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
            "matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
            "matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*",
            "matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*",
            "matchCriteriaId": "A6FB32DF-D062-4FB9-8777-452978BEC7B7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*",
            "matchCriteriaId": "B3B6C811-5C10-4486-849D-5559B592350A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s3:*:*:*:*:*:*",
            "matchCriteriaId": "078D61B9-A228-453C-9D20-6F9C6B20637F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s4:*:*:*:*:*:*",
            "matchCriteriaId": "F1F136A0-021D-43FE-BDD3-AD7201F7FC03",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*",
            "matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*",
            "matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*",
            "matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*",
            "matchCriteriaId": "175CCB13-76C0-44A4-A71D-41E22B92EB23",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*",
            "matchCriteriaId": "166BFDB3-1945-4949-BC2B-E18442FF2E4D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*",
            "matchCriteriaId": "5923610F-878C-48CA-8B5D-9C609E4DD4DB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*",
            "matchCriteriaId": "A7C207E3-0252-4192-8E8C-E2ED2831B4F4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s4:*:*:*:*:*:*",
            "matchCriteriaId": "E6974492-FE69-4340-8881-61C3329C1545",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s5:*:*:*:*:*:*",
            "matchCriteriaId": "279E59FE-96DF-4E1D-A3A2-61D180F04533",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*",
            "matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*",
            "matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*",
            "matchCriteriaId": "8463ADB4-B8A7-4D63-97A9-232ED713A21C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*",
            "matchCriteriaId": "FE68337F-106E-4317-A5B6-292B0159F577",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*",
            "matchCriteriaId": "266B520A-482A-43F7-90F8-B9D64D30034F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.2:r2-s1:*:*:*:*:*:*",
            "matchCriteriaId": "AC78BC9E-5DA7-4E42-9923-B49A0B7F3564",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.2:r2-s2:*:*:*:*:*:*",
            "matchCriteriaId": "DD99F1B0-82B0-4CD3-8C8F-C0FFF44A8B90",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "C452BDCB-34E3-42D3-8909-2312356EB70A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*",
            "matchCriteriaId": "2B8158F2-2028-40E9-955F-CFD581A32F60",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*",
            "matchCriteriaId": "1A7233A1-EC7A-4458-9AE1-835480A03A21",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*",
            "matchCriteriaId": "D74087E2-5CAA-4085-8408-EB70EC1D5D91",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*",
            "matchCriteriaId": "0EEF1798-F3C2-4645-96E7-1E82368B184D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:24.4:r2-s1:*:*:*:*:*:*",
            "matchCriteriaId": "C8BB5EE1-04C7-4DF3-807A-06005ECFEEE5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:25.2:-:*:*:*:*:*:*",
            "matchCriteriaId": "1B7572BB-9C77-4214-9C5F-CC83C7B93E37",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:25.2:r1:*:*:*:*:*:*",
            "matchCriteriaId": "CAADBF98-38BE-40E2-AF1B-9077DCED0809",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:25.2:r2:*:*:*:*:*:*",
            "matchCriteriaId": "6C7B9DEB-7472-4010-8717-8050555C2FAD",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "4AE06B18-BFB5-4029-A05D-386CFBFBF683",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "48A1DCCD-208C-46D9-8E14-89592B49AB9A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4120:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E5942B6E-AFC7-40E4-8007-68C804BD52E3",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "826F893F-7B06-43B5-8653-A8D9794C052E",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "462CFD52-D3E2-4F7A-98AC-C589D2420556",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 4.0

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References