Juniper Networks has swiftly addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. Rated 9.8 on the CVSS scoring system, the flaw stems from an out-of-bounds write vulnerability in J-Web of Junos OS, allowing an unauthenticated network-based attacker to potentially cause a Denial-of-Service (DoS) or execute remote code, gaining root privileges on the targeted device. The insecure function usage permits a bad actor to overwrite arbitrary memory. Juniper Networks has released updates for affected versions and advises users to disable J-Web or restrict access to trusted hosts until the fixes are deployed.
In addition to the critical RCE vulnerability, Juniper Networks also resolved a high-severity bug, CVE-2024-21611, rated 7.5 on the CVSS score, affecting Junos OS and Junos OS Evolved. This flaw could be exploited by an unauthenticated, network-based attacker to cause a DoS condition. While there is no evidence of exploitation in the wild, the company recommends users apply the necessary fixes promptly. The vulnerabilities impact various Junos OS versions, and the fixes have been implemented in releases starting from 20.4R3-S9 up to version 23.4R1 and later.
Juniper Networks, currently in the process of being acquired by Hewlett Packard Enterprise (HPE) for $14 billion, urges users to update their systems to the latest patched versions. The company emphasizes the significance of these updates, as multiple security shortcomings in Juniper’s SRX firewalls and EX switches were exploited by threat actors in the previous year. The swift response to these vulnerabilities highlights the importance of proactive patching and addressing security issues promptly to protect network infrastructure from potential exploitation and cyber threats.