Juniper Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution (CVE-2024-21591)

Published: Jan 15, 2024 15:21

Advisory No: TZCERT/SA/2024/01/15

Source: Juniper

Software Affected: All versions of Junos OS on SRX Series and EX Series.

Overview

Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. Successful exploitation of the vulnerability could result in an attacker taking control of the affected system.

Description

The vulnerability is an out-of-bounds write in J-Web of Juniper Networks Junos OS on SRX Series and EX Series. It allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE) and obtain root privileges on the device.

Impact

Successful exploitation of this vulnerability may allow a remote attacker to cause Denial of Service (DoS) or take control of the affected system.

Solution

Juniper has released software updates to resolve this specific issue in Junos OS 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and all subsequent releases. Users and administrators are encouraged to apply the necessary updates.
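The fixed-release list above is easy to misread when a train has two entries (22.4R2-S2 and 22.4R3, or 23.2R1-S1 and 23.2R2). The script below is an added example for patch-compliance checking, not part of the TZ-CERT advisory or any Juniper tooling. It assumes Junos release strings of the form MAJOR.MINORrRELEASE[-Sn] (e.g. 21.2R3-S7); strings in other forms are reported as unparseable so they can be checked by hand. It also assumes "all subsequent releases" means every train newer than 23.4, and treats trains that are neither listed nor newer as unlisted, since the advisory states all versions are affected.

```python
"""Classify Junos OS version strings against the fixed releases listed in
the advisory for CVE-2024-21591 (J-Web out-of-bounds write).

Added example, not the advisory's or Juniper's own code. Assumption: a
release string looks like MAJOR.MINOR R RELEASE [-S SERVICE], e.g. 21.2R3-S7.
"""
import re
from typing import Dict, Iterable, List, Optional, Tuple

# Fixed releases exactly as listed in the advisory's Solution section.
FIXED_RELEASES = [
    "20.4R3-S9", "21.2R3-S7", "21.3R3-S5", "21.4R3-S5", "22.1R3-S4",
    "22.2R3-S3", "22.3R3-S2", "22.4R2-S2", "22.4R3", "23.2R1-S1",
    "23.2R2", "23.4R1",
]

# Assumed format: 21.2R3-S7 -> major 21, minor 2, release 3, service 7.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?$")


def parse_version(text: str) -> Optional[Tuple[int, int, int, int]]:
    """Return (major, minor, release, service), or None if the string is not
    in the assumed form. A release without an -S suffix is service level 0."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, release, service = m.groups()
    return int(major), int(minor), int(release), int(service or 0)


# Group the fixed list by train (major.minor) as (release, service) pairs.
_FIXED_BY_TRAIN: Dict[Tuple[int, int], List[Tuple[int, int]]] = {}
for _entry in FIXED_RELEASES:
    _maj, _min, _rel, _svc = parse_version(_entry)
    _FIXED_BY_TRAIN.setdefault((_maj, _min), []).append((_rel, _svc))

# "and all subsequent releases": any train newer than the newest listed one.
_NEWEST_LISTED_TRAIN = max(_FIXED_BY_TRAIN)


def assess(version: str) -> str:
    """Classify a running version as one of:
      'fixed'       - at or after a listed fixed release in its train, or in
                      a train newer than any listed (assumed 'subsequent')
      'vulnerable'  - in a listed train but before its fixed release(s)
      'unlisted'    - train not covered by the fixed list; the advisory says
                      all versions are affected, so treat as vulnerable until
                      the vendor confirms otherwise
      'unparseable' - not in the assumed form; check manually
    """
    parsed = parse_version(version)
    if parsed is None:
        return "unparseable"
    major, minor, release, service = parsed
    train = (major, minor)
    if train > _NEWEST_LISTED_TRAIN:
        return "fixed"
    fixes = _FIXED_BY_TRAIN.get(train)
    if fixes is None:
        return "unlisted"
    # Within a train, compare the R-number first, then the S-number:
    # 22.4R2-S2 fixes the 22.4R2 line, 22.4R3 and later are fixed outright,
    # and 22.4R2-S1 is still vulnerable.
    if any((release, service) >= fix for fix in fixes):
        return "fixed"
    return "vulnerable"


def report(versions: Iterable[str]) -> Dict[str, str]:
    """Return {version: assessment} for an inventory of version strings."""
    return {v: assess(v) for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory; these are not real devices.
    inventory = ["21.2R3-S6", "21.2R3-S7", "22.4R2-S1", "22.4R3-S1",
                 "23.2R1", "19.4R3-S10", "15.1X49-D170"]
    for v, verdict in report(inventory).items():
        print(f"{v:14s} {verdict}")
```

Feed it the output of `show version` from each device (the "Junos:" line) and anything other than "fixed" goes on the remediation list; "unlisted" and "unparseable" results should be resolved against Juniper's own advisory rather than assumed safe.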
