Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

15-01-2024

The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system.

“An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS) or Remote Code Execution (RCE) and obtain root privileges on the device,” the company said in an advisory.

The flaw affects the following versions and has been fixed in 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and later:

  • Junos OS versions earlier than 20.4R3-S9
  • Junos OS 21.2 versions earlier than 21.2R3-S7
  • Junos OS 21.3 versions earlier than 21.3R3-S5
  • Junos OS 21.4 versions earlier than 21.4R3-S5
  • Junos OS 22.1 versions earlier than 22.1R3-S4
  • Junos OS 22.2 versions earlier than 22.2R3-S3
  • Junos OS 22.3 versions earlier than 22.3R3-S2, and
  • Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3
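A version check against the affected ranges listed above, added here as an example; it is not code from the article or from Juniper. It assumes Junos OS version strings have the shape major.minorR<release>[-S<service>][.<build>] (the build suffix is ignored when comparing), treats branches newer than 22.4 as not affected because the list above stops at 22.4, and the inventory entries are constructed.

```python
import re

# Fixed releases from the advisory, keyed by Junos OS branch (major, minor).
# The article lists no affected 23.x releases (23.2R1-S1, 23.2R2 and 23.4R1
# appear only as fixed versions), so 23.x and later is treated as not affected.
FIXED_RELEASES = {
    (20, 4): ["20.4R3-S9"],
    (21, 2): ["21.2R3-S7"],
    (21, 3): ["21.3R3-S5"],
    (21, 4): ["21.4R3-S5"],
    (22, 1): ["22.1R3-S4"],
    (22, 2): ["22.2R3-S3"],
    (22, 3): ["22.3R3-S2"],
    (22, 4): ["22.4R2-S2", "22.4R3"],
}

# Assumed shape of a Junos version string: <major>.<minor>R<release>[-S<service>][.<build>]
VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")

def parse_version(text):
    """Turn '22.4R2-S2.1' into a comparable tuple (22, 4, 2, 2); the build number is dropped."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos OS version: {text!r}")
    major, minor, release, service = m.groups()
    return (int(major), int(minor), int(release), int(service or 0))

def is_vulnerable(text):
    """True if the version falls inside the affected ranges listed in the advisory."""
    version = parse_version(text)
    branch = version[:2]
    if branch < (20, 4):
        return True       # "Junos OS versions earlier than 20.4R3-S9"
    if branch not in FIXED_RELEASES:
        return False      # branch is not in the article's affected list
    # A release is fixed once it is at or past any fixed release on its branch.
    return not any(version >= parse_version(f) for f in FIXED_RELEASES[branch])

def affected_devices(inventory):
    """Return the names of devices whose Junos OS version is still affected."""
    return [name for name, version in inventory.items() if is_vulnerable(version)]

# Constructed sample inventory (hostnames and versions are made up for the example)
SAMPLE_INVENTORY = {
    "srx-edge-01": "22.4R2-S1.3",
    "srx-edge-02": "22.4R3.1",
    "ex-core-01": "21.4R3-S4",
    "srx-branch-07": "19.4R3-S8",
}
```

Running `affected_devices(SAMPLE_INVENTORY)` flags srx-edge-01, ex-core-01 and srx-branch-07, which need the fix or the J-Web workaround.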

As temporary workarounds until the fixes are deployed, the company recommends that users disable J-Web or restrict access to only trusted hosts.

While there is no evidence that the vulnerability is being exploited in the wild, multiple security shortcomings affecting the company’s SRX firewalls and EX switches were abused by threat actors last year.

Source: https://thehackernews.com/