Juniper Networks fixes a critical vulnerability in Junos OS SRX Series and EX Series enabling remote code execution
Take action: If you are running Juniper SRX or EX devices, restrict the J-Web interface to trusted IP ranges (ideally internal only), then patch the devices.
Juniper Networks has issued critical security updates to mitigate a severe pre-authentication remote code execution (RCE) flaw, tracked as CVE-2024-21591 (CVSS score 9.8), present in its SRX Series firewalls and EX Series switches.
The flaw is located in the J-Web configuration interfaces of these devices, and it allows an unauthenticated attacker to either execute code remotely with root privileges or initiate denial-of-service (DoS) attacks on systems that haven't been patched.
The company's advisory details an "Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series," which permits an unauthenticated, network-based attacker to either disrupt service (DoS) or perform RCE to gain root access on the affected device.
The vulnerability stems from the use of an insecure function that allows memory to be overwritten. Juniper Networks' Junos OS SRX Series and EX Series are impacted by this vulnerability, but the Juniper SIRT has not detected any exploitation of this flaw in the wild.
This vulnerability affects the following Junos OS versions on SRX Series and EX Series:
- Junos OS versions earlier than 20.4R3-S9;
- Junos OS 21.2 versions earlier than 21.2R3-S7;
- Junos OS 21.3 versions earlier than 21.3R3-S5;
- Junos OS 21.4 versions earlier than 21.4R3-S5;
- Junos OS 22.1 versions earlier than 22.1R3-S4;
- Junos OS 22.2 versions earlier than 22.2R3-S3;
- Junos OS 22.3 versions earlier than 22.3R3-S2;
- Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3.
To resolve the issue, Juniper Networks has released several software updates, including Junos OS versions 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and all later releases.
A workaround is to either disable J-Web or restrict its access solely to trusted hosts.
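The affected/fixed version table above and the workaround are easiest to apply at fleet scale with a script. The following is an added example, not code from Juniper or from this advisory: it parses Junos release strings (which order by train, then R number, then S number, so 22.4R2 sorts below 22.4R2-S2 and 22.4R3 above it), classifies a device against the lists in this advisory, and, for an affected device, renders the standard lo0 firewall-filter pattern that keeps J-Web (HTTP/HTTPS to the Routing Engine) reachable only from a trusted prefix. The hostname, the 192.0.2.0/24 prefix and the filter and term names are assumptions of the example; trains that the advisory does not name are reported as "unlisted" rather than guessed.

```python
"""Assess a Junos device's exposure to CVE-2024-21591 from its version string
and, if it is affected, produce the interim J-Web restriction the advisory
recommends.  Added example: the version table comes from the advisory text,
the configuration lines are the common lo0 firewall-filter pattern, and every
hostname, prefix and filter name below is a placeholder."""
import re

# Earliest fixed release per train, taken from the advisory's lists.
FIXED_IN = {
    (20, 4): "20.4R3-S9",
    (21, 2): "21.2R3-S7",
    (21, 3): "21.3R3-S5",
    (21, 4): "21.4R3-S5",
    (22, 1): "22.1R3-S4",
    (22, 2): "22.2R3-S3",
    (22, 3): "22.3R3-S2",
    (22, 4): "22.4R2-S2",
    (23, 2): "23.2R1-S1",
    (23, 4): "23.4R1",
}
# Trains the advisory explicitly names as affected below the fixed release.
# 23.2 and 23.4 appear only in the fixed-release list, so older 23.x builds
# are reported as "unlisted" rather than guessed either way.
AFFECTED_TRAINS = {train for train in FIXED_IN if train < (23, 0)}

# Release strings look like 22.4R2-S1, optionally followed by a build number
# such as .7 in "show version" output.  X/D-style trains are rejected.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def parse_junos_version(version):
    """Return (major, minor, R, S) so tuple comparison orders releases.
    A missing -S suffix counts as S0, so 22.4R2 sorts below 22.4R2-S2."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unsupported Junos version format: {version!r}")
    major, minor, r, s = m.groups()
    return (int(major), int(minor), int(r), int(s or 0))


def assess(version):
    """Classify a release as 'affected', 'fixed' or 'unlisted' per the advisory."""
    v = parse_junos_version(version)
    train = v[:2]
    if train in FIXED_IN:
        if v >= parse_junos_version(FIXED_IN[train]):
            return "fixed"
        return "affected" if train in AFFECTED_TRAINS else "unlisted"
    if train < (20, 4):
        return "affected"  # advisory: "versions earlier than 20.4R3-S9"
    return "unlisted"


def extract_version(show_version_output):
    """Pull the release string out of 'show version' text (the 'Junos:' line)."""
    for line in show_version_output.splitlines():
        m = re.match(r"^Junos:\s+(\S+)", line)
        if m:
            return m.group(1)
    raise ValueError("no 'Junos:' line found in show version output")


def jweb_restriction_config(trusted_prefix, filter_name="protect-re"):
    """Junos 'set' commands that keep J-Web (HTTP/HTTPS to the Routing Engine)
    reachable only from trusted_prefix by filtering traffic arriving on lo0.
    Filter, term and prefix-list names are this example's choice."""
    term = f"set firewall family inet filter {filter_name} term"
    return [
        f"set policy-options prefix-list jweb-trusted {trusted_prefix}",
        f"{term} allow-jweb-trusted from source-prefix-list jweb-trusted",
        f"{term} allow-jweb-trusted from protocol tcp",
        f"{term} allow-jweb-trusted from destination-port http",
        f"{term} allow-jweb-trusted from destination-port https",
        f"{term} allow-jweb-trusted then accept",
        f"{term} block-jweb from protocol tcp",
        f"{term} block-jweb from destination-port http",
        f"{term} block-jweb from destination-port https",
        f"{term} block-jweb then discard",
        # Final term keeps other RE-bound traffic (routing protocols, SSH)
        # flowing; production filters normally tighten this as well.
        f"{term} allow-rest then accept",
        f"set interfaces lo0 unit 0 family inet filter input {filter_name}",
    ]


# Constructed sample of 'show version' output; not from a real device.
SAMPLE_SHOW_VERSION = """\
Hostname: example-srx-1
Model: srx340
Junos: 22.4R2-S1.7
"""

if __name__ == "__main__":
    release = extract_version(SAMPLE_SHOW_VERSION)
    status = assess(release)
    print(f"{release}: {status}")
    if status == "affected":
        print("Interim workaround (then patch):")
        for cmd in jweb_restriction_config("192.0.2.0/24"):
            print("  " + cmd)
```

Disabling J-Web outright (`delete system services web-management`) is the simpler of the two workarounds and needs no filter; the filter form is for sites that still need the interface from a management network. Either way the filter is only an interim control: the script reports "affected" until the device runs one of the fixed releases listed above.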