CVE-2024-21591: Critical Pre-RCE Flaw Threatens Junos OS SRX and EX Series
Multiple vulnerabilities were identified in Juniper Junos OS, posing a range of threats from denial of service to remote code execution.
CVE-2024-21611: A memory leak and eventually an rpd crash
Among these is a vulnerability in Juniper Networks’ operating systems, Junos OS and Junos OS Evolved. This flaw, identified as CVE-2024-21611, arises when Juniper Flow Monitoring (jflow) is configured: it manifests as a gradual memory leak in the routing protocol daemon (rpd) during next-hop updates, culminating in a system crash and reboot. It is rated 7.5 on the Common Vulnerability Scoring System (CVSSv3.1) and classified as ‘High’ severity; there have been no confirmed exploits of this vulnerability. Juniper Networks advises upgrading to fixed versions of Junos OS and Junos OS Evolved, specifically 22.3R1, 22.2R3, 22.1R3, 21.4R3, or later.
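As an added defender-side example (not from the article or from Juniper), the helper below parses Junos version strings and checks a device's release against the fixed versions listed above for CVE-2024-21611, taking into account that the leak only triggers when jflow is configured. The version-string pattern, the `jflow_configured` flag and the "review" bucket for release trains older than 21.4 are assumptions.

```python
import re
from typing import Tuple

# Fixed releases named in the advisory text for CVE-2024-21611, keyed by
# release train (major, minor) -> minimum R release carrying the fix.
FIXED_FOR_CVE_2024_21611 = {
    (21, 4): 3,   # 21.4R3
    (22, 1): 3,   # 22.1R3
    (22, 2): 3,   # 22.2R3
    (22, 3): 1,   # 22.3R1
}

# Assumed Junos version shape: MAJOR.MINOR R<rel> [-S<service>] [.build]
_VERSION_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)R(?P<rel>\d+)(?:-S(?P<svc>\d+))?(?:\.\d+)?$"
)


def parse_junos_version(version: str) -> Tuple[int, int, int, int]:
    """Parse e.g. '21.4R3-S4.9' into (major, minor, R release, service release)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version string: {version!r}")
    return (int(m["major"]), int(m["minor"]), int(m["rel"]), int(m["svc"] or 0))


def cve_2024_21611_status(version: str, jflow_configured: bool) -> str:
    """Classify one device against CVE-2024-21611.

    'fixed'       - on a listed fixed release or a newer train ("or later")
    'not-exposed' - unfixed code, but jflow is not configured (trigger absent)
    'vulnerable'  - unfixed code and jflow configured
    'review'      - train older than any listed; assumption: needs manual review
    """
    major, minor, rel, _svc = parse_junos_version(version)
    train = (major, minor)
    if train in FIXED_FOR_CVE_2024_21611:
        fixed = rel >= FIXED_FOR_CVE_2024_21611[train]
    elif train > max(FIXED_FOR_CVE_2024_21611):
        fixed = True  # newer trains than 22.3 carry the fix
    else:
        return "review"  # assumption: trains before 21.4 are not covered by the text
    if fixed:
        return "fixed"
    return "vulnerable" if jflow_configured else "not-exposed"
```

Feed it the output of `show version` and whether `forwarding-options` carries a jflow sampling configuration to triage a fleet before scheduling upgrades.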
CVE-2024-21591: J-web allows a preAuth Remote Code Execution
More alarming is CVE-2024-21591, a high-risk vulnerability with a CVSS score of 9.8, affecting SRX and EX Series. This out-of-bounds write vulnerability in J-Web allows unauthenticated attackers to execute remote code, gain root privileges, or cause a Denial of Service.
“An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device,” the company said.
The flaw affects various versions; Juniper has released updates to address it.
A Proactive Stance Against Cyber Threats
Juniper has not detected any malicious exploitation of these vulnerabilities, which were uncovered through internal and external security research. The company has swiftly released patches across multiple versions of the OS, urging users to update their systems.