January 13, 2024 at 06:54AM
Juniper Networks released updates to fix a critical remote code execution vulnerability in its SRX Series firewalls and EX Series switches, tracked as CVE-2024-21591 with a CVSS score of 9.8. The flaw can allow attackers to cause Denial-of-Service or Remote Code Execution, affecting specific Junos OS versions. Juniper also resolved another high-severity bug, CVE-2024-21611. Temporary workarounds include disabling J-Web or restricting access to trusted hosts. Multiple security shortcomings affecting the company’s SRX firewalls and EX switches were exploited by threat actors last year.
Summary of Meeting Notes:
– Juniper Networks has released updates to address a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches, tracked as CVE-2024-21591 with a CVSS score of 9.8.
– The vulnerability allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS) or RCE and obtain root privileges on the device through an out-of-bounds write vulnerability in J-Web.
– The vulnerability is caused by the use of an insecure function, enabling a bad actor to overwrite arbitrary memory.
– The impact extends to several Junos OS versions; fixes are available in Junos OS 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and later releases.
– Users are advised to disable J-Web or restrict access to trusted hosts as temporary workarounds until the fixes are deployed.
– Another high-severity bug (CVE-2024-21611, CVSS score: 7.5) in Junos OS and Junos OS Evolved, which could cause a DoS condition, has also been resolved by Juniper Networks.
– Exploitation of these vulnerabilities has been observed in the wild, and multiple security shortcomings affecting the company’s SRX firewalls and EX switches were abused by threat actors last year.
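As an added illustration of the two workarounds the notes mention (not configuration from Juniper's advisory or the article), the Junos `set` commands below show a J-Web listener exposed on every interface beside two hardened versions: removing J-Web outright, or keeping HTTPS J-Web reachable only from a management prefix via a loopback firewall filter. The prefix 192.0.2.0/24, the zone name `untrust`, and the filter and term names are placeholders chosen for this example.

```junos
# Exposed: J-Web enabled on both HTTP and HTTPS, listening on all interfaces
set system services web-management http
set system services web-management https system-generated-certificate

# Option 1 - disable J-Web entirely (the first workaround in the notes)
delete system services web-management
# SRX only: also stop accepting J-Web traffic at the zone boundary
# ("untrust" is a placeholder zone name)
delete security zones security-zone untrust host-inbound-traffic system-services http
delete security zones security-zone untrust host-inbound-traffic system-services https

# Option 2 - keep HTTPS J-Web, but only from a trusted management prefix
# (192.0.2.0/24 and the filter/term names are placeholders for this example)
delete system services web-management http
set firewall family inet filter PROTECT-RE term ALLOW-JWEB-MGMT from source-address 192.0.2.0/24
set firewall family inet filter PROTECT-RE term ALLOW-JWEB-MGMT from protocol tcp
set firewall family inet filter PROTECT-RE term ALLOW-JWEB-MGMT from destination-port https
set firewall family inet filter PROTECT-RE term ALLOW-JWEB-MGMT then accept
# Log and drop any other attempt to reach the J-Web ports so exposure is visible in syslog
set firewall family inet filter PROTECT-RE term DENY-JWEB from protocol tcp
set firewall family inet filter PROTECT-RE term DENY-JWEB from destination-port [ http https ]
set firewall family inet filter PROTECT-RE term DENY-JWEB then syslog
set firewall family inet filter PROTECT-RE term DENY-JWEB then discard
# A lo0 filter ends in an implicit discard: keep a catch-all accept so
# routing protocols, SSH and management traffic are not cut off
set firewall family inet filter PROTECT-RE term ALLOW-OTHER then accept
set interfaces lo0 unit 0 family inet filter input PROTECT-RE
```

Commit with `commit confirmed` when applying a loopback filter, so a mistake in the catch-all term rolls back rather than locking you out; the filter restricts reachability only, and the patched release is still the fix.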