Juniper Vulnerability
Juniper Networks recently released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The flaw, tracked as CVE-2024-21591, carries a CVSS score of 9.8.
Understanding the Vulnerability
An out-of-bounds write vulnerability in J-Web, the web management interface of Junos OS on SRX Series and EX Series devices, allows an unauthenticated remote attacker to execute arbitrary code and gain root access on the device. The root cause is the use of an insecure function that lets an attacker overwrite memory.
Affected Versions and Fixes
The issue impacts many releases; fixes are available in 20.4R3-S9, 21.2R3, 21.3R5, 21.4R3, 22.2R3/S2, 22.4R2/S2, 23.4R1, and 23.2R2 and later. Affected versions include:
- Junos OS before 20.4R3-S9
- Junos OS 21.2 before 21.2R3-S7
- Junos OS 21.3 before 21.3R3-S5
- Junos OS 21.4 before 21.4R3-S5
- Junos OS 22.1 before 22.1R3-S4
- Junos OS 22.2 before 22.2R3-S3
- Junos OS 22.3 before 22.3R3-S2
- Junos OS 22.4 before 22.4R2-S2 and 22.4R3
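As an added example (not part of the original article and not Juniper's own tooling), the following Python compares an installed Junos OS version with the affected ranges listed above. The fix thresholds are taken from that list; the `show version` sample output is constructed, and its hostname and model values are made up. Trains the list does not mention (such as 23.x) are reported as "not listed" rather than guessed at.

```python
import re
from typing import Optional, Tuple

# Added example, not Juniper's code: classify an installed Junos OS version
# against the affected-version list given on this page for CVE-2024-21591.
Version = Tuple[int, int, int, int]  # (major, minor, R release, S service release)

# First fixed build per release train, taken from the page's affected-version list.
# Anything in the train below this tuple is affected; the tuple itself is fixed.
# 22.4R3 and later compare higher than 22.4R2-S2, so one threshold covers both.
FIXED_IN = {
    (20, 4): (20, 4, 3, 9),
    (21, 2): (21, 2, 3, 7),
    (21, 3): (21, 3, 3, 5),
    (21, 4): (21, 4, 3, 5),
    (22, 1): (22, 1, 3, 4),
    (22, 2): (22, 2, 3, 3),
    (22, 3): (22, 3, 3, 2),
    (22, 4): (22, 4, 2, 2),
}
# "Junos OS before 20.4R3-S9" also covers every older train (19.x, 18.x, ...).
OLDEST_FIXED = (20, 4, 3, 9)

# Junos version strings look like 21.2R3-S5 or 21.2R3-S5.2 (trailing build number);
# the service-release part is optional (22.4R3).
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?")


def parse_junos_version(text: str) -> Version:
    """Turn '21.2R3-S5.2' into (21, 2, 3, 5); raise ValueError on unexpected input."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"not a Junos OS version string: {text!r}")
    major, minor, release, service = m.groups()
    return (int(major), int(minor), int(release), int(service or 0))


def assess(version_text: str) -> str:
    """Return 'affected', 'fixed', or 'not listed' for one version string."""
    v = parse_junos_version(version_text)
    train = v[:2]
    if train in FIXED_IN:
        return "affected" if v < FIXED_IN[train] else "fixed"
    if v < OLDEST_FIXED:
        return "affected"      # older trains, all below the first fixed build
    return "not listed"        # e.g. 23.x, which the page does not list as affected


def assess_show_version(output: str) -> Optional[Tuple[str, str]]:
    """Pull the 'Junos:' line out of 'show version' output and assess it."""
    for line in output.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "Junos":
            version = value.strip()
            return version, assess(version)
    return None


# Constructed sample in the shape of 'show version' output; hostname and model are made up.
SAMPLE_SHOW_VERSION = """\
Hostname: srx-edge-01
Model: srx345
Junos: 21.2R3-S5.2
"""

if __name__ == "__main__":
    for v in ["19.4R3-S2", "21.2R3-S5", "21.2R3-S7", "22.4R3", "23.4R1"]:
        print(f"{v:12} {assess(v)}")
    print(assess_show_version(SAMPLE_SHOW_VERSION))
```

Feed it the `Junos:` line from each device's `show version` output (or the whole output) to get a quick inventory of what still needs patching; the page's own fixed-release list is the authority for anything this script reports as "not listed".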
Recommended Actions
Until the fixed release is installed, Juniper advises disabling J-Web or restricting access to it to trusted hosts only.
Addressing a High-Severity Bug
Juniper Networks also fixed a high-severity denial-of-service (DoS) vulnerability (CVE-2024-21611, CVSS score 7.5) in Junos OS and Junos OS Evolved, which an unauthenticated attacker could exploit.
Previous Exploits
Last year, threat actors exploited several vulnerabilities in Juniper's SRX firewalls and EX switches; there is currently no evidence that these new vulnerabilities are being exploited in the wild.