A vulnerability in Junos OS, the operating system Juniper Networks uses on its SRX and EX Series firewalls and switches, allows attackers to execute malicious code on these network devices.

The vulnerability is in the J-Web configuration tool for the firewalls and switches. It allows unauthenticated attackers to execute arbitrary code on these devices and eventually take control of them.

The J-Web configuration tool is used to monitor, configure, and manage the affected firewalls and switches via a web interface.

The flaw in this tool allows attackers to overwrite memory they are not authorized to access and execute arbitrary code. This lets them obtain root privileges and take over the devices.

The vulnerability affects several versions of Junos OS, including Junos OS versions earlier than v20.4R3-S9 and Junos OS 21.2 versions earlier than v21.2R3-S7.
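To triage an inventory against the two fixed releases named above, a version check along these lines can be used. This is an added example, not code from Juniper or the original article; the host names and inventory are constructed, and branches the article does not list are reported as "check advisory" rather than guessed.

```python
import re

# Fixed releases named in the article. The article says "including", so other
# branches are not listed there and are reported as "check advisory".
FIXED_ALL_EARLIER = "20.4R3-S9"           # anything earlier than this is affected
FIXED_BY_BRANCH = {"21.2": "21.2R3-S7"}   # branch -> first fixed release

# <major>.<minor>R<release>[.<build>][-S<service>[.<build>]]; builds are ignored.
_VERSION = re.compile(r"^v?(\d+)\.(\d+)R(\d+)(?:\.\d+)?(?:-S(\d+)(?:\.\d+)?)?$")

def parse(version):
    """Return (major, minor, release, service) for sorting, or None."""
    m = _VERSION.match(version.strip())
    if not m:
        return None
    major, minor, release, service = m.groups()
    return (int(major), int(minor), int(release), int(service or 0))

def status(version):
    """Classify one Junos OS version string against the releases above."""
    v = parse(version)
    if v is None:
        return "unparsed"          # e.g. X-series trains: review by hand
    if v < parse(FIXED_ALL_EARLIER):
        return "affected"
    branch = f"{v[0]}.{v[1]}"
    if branch == "20.4":
        return "fixed"
    if branch in FIXED_BY_BRANCH:
        return "affected" if v < parse(FIXED_BY_BRANCH[branch]) else "fixed"
    return "check advisory"

def triage(inventory):
    """Map host -> status for a {host: version} inventory."""
    return {host: status(version) for host, version in inventory.items()}

# Constructed inventory (hypothetical host names), not data from the article.
SAMPLE = {
    "srx-edge-1": "20.4R3-S8",
    "srx-edge-2": "20.4R3-S9.2",
    "ex-core-1": "21.2R1.10",
    "ex-core-2": "21.2R3-S7",
    "ex-lab-1": "22.4R2",
    "ex-lab-2": "12.3X48-D105",
}

if __name__ == "__main__":
    for host, result in triage(SAMPLE).items():
        print(f"{host:12} {SAMPLE[host]:14} {result}")
```

Hosts reported as "unparsed" or "check advisory" still need to be compared against Juniper's own advisory, since the article names only two fixed releases.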

Measures

Juniper Networks has since released updates that should fix the problem. As a temporary workaround, disabling the J-Web interface and allowing access only from trusted hosts are also recommended.

Shadowserver estimates that the J-Web interface is accessible on 8,300 Juniper systems worldwide, 139 of which are in the Netherlands. Censys speaks of about 11,000 systems worldwide.

According to Juniper, there are no known cases of abuse so far.
