Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. Tracked as CVE-2024-21591, the flaw carries a CVSS score of 9.8.
The vulnerability resides in the J-Web component of Junos OS on SRX Series and EX Series devices. An unauthenticated, network-based attacker could exploit it to cause a denial of service (DoS) or achieve remote code execution, potentially gaining root privileges on the affected device.
Root Cause and Impact
The issue is an out-of-bounds write in J-Web caused by the use of an insecure function, which lets an attacker overwrite arbitrary memory. That write primitive is what makes both outcomes possible: a corrupted write crashes the service (DoS), and a controlled one can be turned into code execution with root privileges. Any device that exposes J-Web to untrusted networks should be treated as urgent.
Versions Affected and Fixes
The vulnerability affects multiple Junos OS release trains. It is fixed in the following releases:
- 20.4R3-S9
- 21.2R3-S7
- 21.3R3-S5
- 21.4R3-S5
- 22.1R3-S4
- 22.2R3-S3
- 22.3R3-S2
- 22.4R2-S2
- 22.4R3
- 23.2R1-S1
- 23.2R2
- 23.4R1
- and later releases on each of these trains.
Temporary Workarounds
Until a fixed release can be deployed, Juniper Networks recommends one of the following workarounds:
- Disable J-Web
- Restrict J-Web access to trusted management hosts only
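What the two workarounds look like in Junos set-style configuration, as an added example (this is not text from the Juniper advisory). The filter name PROTECT-RE, the management prefix 192.0.2.0/24 and the zone name untrust are placeholders chosen for illustration and must be adapted to the device; lines starting with # are annotations.

```junos
# Added example, not Juniper's advisory text. PROTECT-RE, 192.0.2.0/24 and
# the zone name "untrust" are placeholders.

# --- Workaround 1: disable J-Web entirely (simplest and safest) ------------
# Weak state: J-Web enabled and listening on every interface that reaches
# the Routing Engine, e.g.:
#   set system services web-management http
#   set system services web-management https system-generated-certificate
# Remove the service; SSH and NETCONF management are unaffected.
delete system services web-management

# --- Workaround 2: keep J-Web, but reachable only from trusted hosts --------
# a) SRX only: a zone reaches J-Web only if http/https are listed in that
#    zone's host-inbound-traffic. Remove them from every zone that is not
#    the management zone, the Internet-facing zone above all.
delete security zones security-zone untrust host-inbound-traffic system-services http
delete security zones security-zone untrust host-inbound-traffic system-services https

# b) SRX and EX: an input filter on lo0 gates all traffic bound for the
#    Routing Engine. Term order matters: permit trusted sources, drop all
#    other traffic to 80/443, then accept everything else so the implicit
#    discard at the end of the filter does not cut off SSH, routing
#    protocols and the rest.
set firewall family inet filter PROTECT-RE term jweb-trusted from source-address 192.0.2.0/24
set firewall family inet filter PROTECT-RE term jweb-trusted from protocol tcp
set firewall family inet filter PROTECT-RE term jweb-trusted from destination-port [ http https ]
set firewall family inet filter PROTECT-RE term jweb-trusted then accept
set firewall family inet filter PROTECT-RE term jweb-block from protocol tcp
set firewall family inet filter PROTECT-RE term jweb-block from destination-port [ http https ]
set firewall family inet filter PROTECT-RE term jweb-block then log
set firewall family inet filter PROTECT-RE term jweb-block then discard
set firewall family inet filter PROTECT-RE term allow-everything-else then accept
set interfaces lo0 unit 0 family inet filter input PROTECT-RE

# Commit with a rollback timer so a mistake in the filter cannot lock you
# out; issue a plain "commit" within 5 minutes once management access from
# the trusted prefix has been verified.
commit confirmed 5

# Verify: the first command returns nothing after workaround 1; the second
# lists which zones still accept http/https (SRX).
show configuration system services web-management
show configuration security zones | display set | match system-services
```

Disabling J-Web is the cleaner choice: it removes the vulnerable code path rather than fencing it off. The filter and zone changes only reduce who can reach J-Web, so a trusted management host that is itself compromised can still exploit the flaw, and the device remains vulnerable until the fixed release is installed.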
Additional High-Severity Bug
Juniper Networks has also addressed a high-severity bug (CVE-2024-21611, CVSS score: 7.5) in Junos OS and Junos OS Evolved that an unauthenticated, network-based attacker could exploit to cause a DoS condition.
Juniper reported no evidence that these vulnerabilities were being exploited in the wild at the time of the advisory. That is no reason for complacency: multiple security shortcomings affecting Juniper Networks' SRX firewalls and EX switches were exploited by threat actors in the previous year.