Back to overview

CVE-2026-57024

MEDIUM
5.3
CVSS 3.1
Description
A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On an MX with SPC3 and SRX devices configured for VPN service, when a large number of VPN negotiations fail a peer index rollover will eventually occur. As a result, new peers are assigned index values that are already in use and the iked process starts to crash repeatedly. This results in failure to establish new VPN connections and rekeying existing ones. To restore service the system must be rebooted. Please note that the index value can't be monitored, so customers should monitor tunnel up and down events and if a lot of events occur over an extended period of time it becomes likely that this issue occurs. To be exposed to this issue the system needs to run iked (vs. kmd which is not affected), which can be verified with: user@host> show system processes extensive | match "KMD|IKED" This issue affects Junos OS on MX with SPC3, SRX Series: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S3, * 24.4 versions before 24.4R2-S4, * 25.2 versions before 25.2R1-S1.

Metadata

CVE ID
CVE-2026-57024
State
PUBLISHED
Assigner
juniper
Reserved
2026-06-23 16:27 UTC
Published
2026-07-09 21:06 UTC
Last updated
2026-07-09 21:06 UTC
Primary CWE
CWE-694
CWE-694 Use of Multiple Resources with Duplicate Identifier
Vendor / Product
Juniper Networks / Junos OS
Sources
cve.org  ·  NVD

Severity & Metrics

5.3 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected products (1)
VendorProductPlatformVersions
Juniper Networks Junos OS SRX Series,MX with SPC3 0 < 23.2R2-S7, 23.4 < 23.4R2-S6, 24.2 < 24.2R2-S3, 24.4 < 24.4R2-S4 …
Weakness (CWE)
CWESourceDescription
CWE-694 cna CWE-694 Use of Multiple Resources with Duplicate Identifier
CVSS scores (2)
ScoreSeverityVersionSourceVector
6.9 MEDIUM 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M
5.3 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Back to overview