Vulnerability In Juniper Networks Junos OS Could Allow Remote Code Execution

A security vulnerability directly affected Juniper Networks Junos OS allowing remote code execution attacks. The cybersecurity vendors have fixed the bug alongside sharing some workarounds.

Juniper Networks Junos OS Vulnerability

In a recent advisory, Juniper Networks has shared details of a critical vulnerability affecting its Junos OS.

Juniper Networks is US-based networking and security firm developing various products including routers and switches, network software, and security toolkits.

Elaborating on the vulnerability, the vendors explained that a buffer size validation flaw affected the Junos OS – the core operating system of the firm’s network devices. Exploiting this vulnerability could allow an authenticated attacker to cause denial-of-service, or wage remote code execution attacks.

Mentioning more about the bug, the advisory reads,

The overlayd daemon handles Overlay OAM packets, such as ping and traceroute, sent to the overlay. The service runs as root by default and listens for UDP connections on port 4789. This issue results from improper buffer size validation, which can lead to a buffer overflow. Unauthenticated attackers can send specially crafted packets to trigger this vulnerability, resulting in possible remote code execution.

This vulnerability, CVE-2021-0254, has received a critical severity rating with a CVSS score of 9.8.

Patch Deployed

The vendors came to know of the bug following a report from Hoàng Thạch Nguyễn (d4rkn3ss) of STAR Labs.

Upon identifying the matter, Juniper Networks developed a fix that they subsequently released with the following software versions.

The following software releases have been updated to resolve this specific issue: Junos OS 15.1X49-D240, 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R2-S8, 18.2R3-S7, 18.3R3-S4, 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S1, 19.4R2-S4, 19.4R3-S1, 20.1R2-S1, 20.1R3, 20.2R2, 20.2R2-S1, 20.2R3, 20.3R1-S1, 20.4R1, and all subsequent releases.

Despite being a critical vulnerability, the vendors confirmed to have found no active exploitation of it.

However, the US CISA has issued an alert for the users urging them to apply the patches or workarounds quickly. Therefore, users should rush to update the systems with the latest releases to avoid any cyber threats.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients