A Juniper Networks Junos OS Vulnerability could allow remote code execution attacks. Juniper networks have fixed the vulnerability and shared a few workarounds.
The recent advisory released addresses the critical vulnerabilities affecting the Junos OS. Further shedding light on the details, the US-based networking and security firm explained to vendors the buffer size validation flaw affected the Junos OS.
Junos OS is a core operating system for Juniper’s network devices. Bad actors can exploit the vulnerabilities in Junos OS to gain access, carry out DDOS attacks or launch remote code execution attacks.
Juniper Networks Junos OS Vulnerability
Overlay OAM packets such as ping and traceroute are handled by overlay demons which are sent to the overlay. The service listens for UDP connections on Port 4789 and runs as root by default. This results in improper buffer size validation leading to a buffer overflow. Bad actors can send specially designed packets to trigger the vulnerability or prospective remote code execution.
The CVE-2021-0254 vulnerability has received a critical severity rating with a CVSS score of 9.8.
Patch has been released
After Hoàng Thạch Nguyễn (d4rkn3ss) of STAR Labs reported the vulnerability the vendors have released a fix for the following software versions to resolve this specific issue:
Junos OS 15.1X49-D240, 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R2-S8, 18.2R3-S7, 18.3R3-S4, 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S1, 19.4R2-S4, 19.4R3-S1, 20.1R2-S1, 20.1R3, 20.2R2, 20.2R2-S1, 20.2R3, 20.3R1-S1, 20.4R1, and all subsequent releases.
Juniper has assured its users there is no active exploitation of the critical vulnerability reported.
Though CISA, US has issued an alert for users and urged them to apply the patches or implement the workarounds ASAP.