TechRadar
Sead Fadilpašić

Critical RCE security bug affecting thousands of Juniper Networks devices - so patch now


Thousands of Juniper devices were found to be vulnerable to a critical flaw that allows threat actors to execute malicious code remotely, without any authentication.

The Register reported on the vulnerability, tracked as CVE-2024-21591. Described as an out-of-bounds write flaw, it carries a severity score of 9.8/10 and allows attackers to obtain root privileges, cause a denial of service, or run code remotely.

It was discovered in the J-Web configuration interface of Junos OS.

Patches and workarounds

The publication also says, citing data from Censys, that more than 11,500 devices are vulnerable, including all of those running:

Junos OS versions earlier than 20.4R3-S9
Junos OS 21.2 versions earlier than 21.2R3-S7
Junos OS 21.3 versions earlier than 21.3R3-S5
Junos OS 21.4 versions earlier than 21.4R3-S5
Junos OS 22.1 versions earlier than 22.1R3-S4
Junos OS 22.2 versions earlier than 22.2R3-S3
Junos OS 22.3 versions earlier than 22.3R3-S2
Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3
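As an added example (not from the article, and not Juniper's own tooling), the following Python helper turns Junos release strings of the form shown in the list above into comparable tuples and checks an inventory against the listed fixed releases, so an admin can triage which boxes still need the patch. The assumed version layout (major.minor, R release number, optional -S service release), the function names and the sample inventory are the author's assumptions; trains not on the list above are reported as unknown rather than safe.

```python
import re
from typing import Optional, Tuple

# Fixed releases per Junos train, taken from the affected-version list in the article.
# A device on train X.Y is vulnerable if it runs a release earlier than the listed fix.
# Every train older than 20.4 falls under "Junos OS versions earlier than 20.4R3-S9".
FIXED_RELEASES = {
    (20, 4): "20.4R3-S9",
    (21, 2): "21.2R3-S7",
    (21, 3): "21.3R3-S5",
    (21, 4): "21.4R3-S5",
    (22, 1): "22.1R3-S4",
    (22, 2): "22.2R3-S3",
    (22, 3): "22.3R3-S2",
    (22, 4): "22.4R2-S2",  # 22.4R3 and later sort above this tuple and are also fixed
}

# Assumed layout: <major>.<minor>R<release>[-S<service>], trailing suffixes ignored.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?")


def parse_junos_version(text: str) -> Tuple[int, int, int, int]:
    """Return (major, minor, release, service) for a string such as '21.4R3-S5'.
    A missing service release counts as 0, so '22.4R3' sorts above '22.4R2-S2'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {text!r}")
    major, minor, rel, svc = m.groups()
    return (int(major), int(minor), int(rel), int(svc or 0))


def is_vulnerable_to_cve_2024_21591(version: str) -> Optional[bool]:
    """True if the release is inside an affected range from the article, False if it
    is at or past the fix for its train, None if the train is not on the list
    (the article does not cover newer trains; defer to the vendor advisory)."""
    v = parse_junos_version(version)
    train = (v[0], v[1])
    if train < (20, 4):
        return True  # covered by "versions earlier than 20.4R3-S9"
    fixed = FIXED_RELEASES.get(train)
    if fixed is None:
        return None
    return v < parse_junos_version(fixed)


if __name__ == "__main__":
    # Constructed sample inventory, as it might be collected from 'show version' output.
    for ver in ["19.4R3-S4", "20.4R3-S8", "20.4R3-S9", "22.4R2-S1", "22.4R3", "23.2R1"]:
        print(f"{ver:12} vulnerable={is_vulnerable_to_cve_2024_21591(ver)}")
```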

The most exposed model appears to be the SRX110H2-VA, a firewall that reached end of life back in 2018. The majority of potential victims are located in South Korea, with others found in the US, Hong Kong, and China.

There is no evidence of the vulnerability being exploited in the wild, Juniper said, but now that the cat is out of the bag, it is only a matter of time before attackers start scanning for vulnerable devices. Admins who cannot apply the patch for any reason should disable J-Web, or limit access to it to trusted sources only, Juniper added.

Applying the patch is the best way to stay protected, but admins appear to be slow to do so: in late August last year, Juniper patched a similarly severe (9.8) vulnerability, yet most endpoints have still not been patched.
