HIGH · CVE-2026-21916 · CNA: juniper
CVE-2026-21916: Junos OS: A low privileged user can escalate their privileges so that they can login as root
A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root, which leads to a complete compromise of the system. After a user has performed a specific 'file link ...' CLI operation, the next commit by another user (even of unrelated configuration changes) lets the first user log in as root.

This issue affects Junos OS:
- all versions before 23.2R2-S7,
- 23.4 versions before 23.4R2-S6,
- 24.2 versions before 24.2R2-S3,
- 24.4 versions before 24.4R2-S2,
- 25.2 versions before 25.2R2.

This issue does not affect versions 25.4R1 or later.
Metrics
- CVSS v4.0: 7.0
- Severity: HIGH
- Fixed in: 23.2R2-S7
- Affected Products: 1
Fix available
23.2R2-S7, 23.4R2-S6, 24.2R2-S3, 24.4R2-S2, 25.2R2, 25.4R1
Affected packages
- Juniper Networks / Junos OS: < 23.2R2-S7 (from 0) · < 23.4R2-S6 (from 23.4) · < 24.2R2-S3 (from 24.2) · < 24.4R2-S2 (from 24.4) · < 25.2R2 (from 25.2). Fixed in 25.4R1
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M
References