【Vulnerability Advisory】Critical Security Vulnerability in Juniper Networks Support Insights vLWC (CVE-2026-33784)

• Subject: 【Vulnerability Advisory】Critical Security Vulnerability in Juniper Networks Support Insights vLWC (CVE-2026-33784)

• Description:
  • Forwarded from Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) Security Alert: TWCERTCC-200-202604-00000008
  • A critical security vulnerability exists in the Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) (CVE-2026-33784, CVSS: 9.8). This is a default password vulnerability that allows attackers to log in using known default credentials and gain high-privileged access, potentially leading to full control of the device.
• Affected Platforms:
  • Juniper Networks Support Insights vLWC versions prior to 3.0.94
• Recommended Actions:
  • Please update to Juniper Networks Support Insights vLWC version 3.0.94 or later.
• Reference:
  1. https://www.twcert.org.tw/tw/cp-169-10828-12f00-1.html

Computer and Communication Center
Network Systems Division