Today: Dec 27, 2024

Important RCE Vulnerability Exposed in Juniper SRX Firewalls and EX Switches

Important RCE Vulnerability Exposed in Juniper SRX Firewalls and EX Switches
January 14, 2024



 Jan 13, 2024 NewsroomVulnerability / Community SafetyImportant RCE Vulnerability Exposed in Juniper SRX Firewalls and EX Switches
Juniper Networks has launched an replace to mend a far off error (RCE) vulnerability in its SRX Sequence switches and EX Sequence switches. This factor, coded as CVE-2024-21591, has a score of 9.8 at the CVSS machine. “J-Internet vulnerability coding of Juniper Networks Junos OS SRX Sequence and EX Sequence lets in an unauthenticated attacker, a community person to purpose a Denial-of-Carrier (DoS) or Far off Code Execution (RCE) and achieve get entry to to the software,” the corporate mentioned. in counseling. The community operator, which is predicted to be obtained through Hewlett Packard Endeavor (HPE) for $ 14 billion, mentioned that the issue is brought about by means of an insecure characteristic that permits an attacker to jot down reminiscence indiscriminately.
Cybersecurity
The mistake impacts the next variations, and is fastened in variations 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S4R2, 2 -S2, 22.4 R3, 23.2R1-S1, 23.2R2, 23.4R1, and later – Junos OS variations previous than 20.4R3-S9 Junos OS 21.2 Variations previous than 21.2R3-S7 Junos OS 21.1 Variations 3 Junos OS variations previous than 21.4 than 21.4R3-S5 Junos OS 22.1 variations previous than 22.1R3-S4 Junos OS 22.2 variations previous than 22.2R3-S3 Junos OS 22.3 variations previous than 22.3R3-S2, and Junos2.2.2 OS2 variations previous than S2, 22.4R3 As running briefly till a repair is ​​put in, the corporate recommends that customers flip off J-Internet or block handiest relied on customers.
Cybersecurity
Additionally resolved through Juniper Networks is essentially the most unhealthy virus in Junos OS and Junos OS Advanced (CVE-2024-21611, CVSS rating: 7.5) which can also be provided with an unauthorized, Web attacker to create a DoS situation. Even though there is not any proof that the assaults are getting used within the wild, a number of safety flaws affecting the corporate's SRX firewalls and EX switches had been exploited through attackers previously 12 months.

Did you to find this newsletter fascinating? Apply us on Twitter  and LinkedIn to learn extra of our content material.

OpenAI
Author: OpenAI

Don't Miss

AI May Generate 10,000 Malware Variants, Evading Detection in 88% of Case

AI May Generate 10,000 Malware Variants, Evading Detection in 88% of Case

Cybersecurity researchers have came upon that it’s conceivable to make use of
Adobe warns of essential ColdFusion computer virus with PoC exploit code

Adobe warns of essential ColdFusion computer virus with PoC exploit code

Adobe has launched an out-of-band safety replace to handle a significant factor