Juniper Networks has introduced updates to take care of a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Collection switches.
The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring technique.
“An out-of-bounds compose vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series will allow an unauthenticated, network-primarily based attacker to trigger a Denial-of-Services (DoS) or Distant Code Execution (RCE) and attain root privileges on the system,” the organization claimed in an advisory.

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
The networking machines major, which is established to be acquired by Hewlett Packard Business (HPE) for $14 billion, stated the issue is prompted by use of an insecure functionality allowing for a terrible actor to overwrite arbitrary memory.
The flaw impacts the next variations, and has been fixed in variations 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and later on –
- Junos OS variations before than 20.4R3-S9
- Junos OS 21.2 versions previously than 21.2R3-S7
- Junos OS 21.3 variations before than 21.3R3-S5
- Junos OS 21.4 variations before than 21.4R3-S5
- Junos OS 22.1 variations earlier than 22.1R3-S4
- Junos OS 22.2 variations previously than 22.2R3-S3
- Junos OS 22.3 variations previously than 22.3R3-S2, and
- Junos OS 22.4 versions before than 22.4R2-S2, 22.4R3
As short-term workarounds right up until the fixes are deployed, the organization recommends that customers disable J-Web or restrict accessibility to only dependable hosts.
Also fixed by Juniper Networks is a significant-severity bug in Junos OS and Junos OS Evolved (CVE-2024-21611, CVSS score: 7.5) that could be weaponized by an unauthenticated, network-primarily based attacker to cause a DoS problem.
When there is proof that the vulnerabilities are being exploited in the wild, various security shortcomings influencing the company’s SRX firewalls and EX switches have been abused by danger actors last year.
Uncovered this short article fascinating? Abide by us on Twitter and LinkedIn to go through much more special material we submit.
Some sections of this write-up are sourced from:
thehackernews.com