Home Cyber Security Essential RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

Essential RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

0
Essential RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

[ad_1]

Jan 13, 2024NewsroomVulnerability / Community Safety

Juniper Vulnerability

Juniper Networks has launched updates to repair a important distant code execution (RCE) vulnerability in its SRX Sequence firewalls and EX Sequence switches.

The problem, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system.

“An out-of-bounds write vulnerability in J-Internet of Juniper Networks Junos OS SRX Sequence and EX Sequence permits an unauthenticated, network-based attacker to trigger a Denial-of-Service (DoS) or Distant Code Execution (RCE) and acquire root privileges on the machine,” the corporate stated in an advisory.

The networking gear main, which is about to be acquired by Hewlett Packard Enterprise (HPE) for $14 billion, stated the difficulty is brought on by use of an insecure perform permitting a nasty actor to overwrite arbitrary reminiscence.

Cybersecurity

The flaw impacts the next variations, and has been fastened in variations 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and later –

  • Junos OS variations sooner than 20.4R3-S9
  • Junos OS 21.2 variations sooner than 21.2R3-S7
  • Junos OS 21.3 variations sooner than 21.3R3-S5
  • Junos OS 21.4 variations sooner than 21.4R3-S5
  • Junos OS 22.1 variations sooner than 22.1R3-S4
  • Junos OS 22.2 variations sooner than 22.2R3-S3
  • Junos OS 22.3 variations sooner than 22.3R3-S2, and
  • Junos OS 22.4 variations sooner than 22.4R2-S2, 22.4R3

As short-term workarounds till the fixes are deployed, the corporate recommends that customers disable J-Internet or prohibit entry to solely trusted hosts.

Cybersecurity

Additionally resolved by Juniper Networks is a high-severity bug in Junos OS and Junos OS Developed (CVE-2024-21611, CVSS rating: 7.5) that might be weaponized by an unauthenticated, network-based attacker to trigger a DoS situation.

Whereas there may be proof that the vulnerabilities are being exploited within the wild, a number of safety shortcomings affecting the corporate’s SRX firewalls and EX switches had been abused by menace actors final yr.

Discovered this text attention-grabbing? Observe us on Twitter and LinkedIn to learn extra unique content material we submit.



[ad_2]