Juniper Networks Patches Critical Vulnerabilities in Firewalls

Juniper Networks this week informed customers that it has patched many vulnerabilities in its products, mostly ones that can be exploited for denial-of-service attacks.
Over a dozen advisories have been published by the company to describe several vulnerabilities that are specific to Juniper products, as well as tens of flaws impacting third-party components.
One of the most serious vulnerabilities in software made by Juniper is CVE-2020-1647, a critical double free issue that affects SRX series firewalls with the ICAP redirect service enabled.
Half a dozen of the vulnerabilities have been rated high severity and all of them can be exploited for DoS attacks, including sustained attacks.
Juniper Networks says it's not aware of any attacks exploiting the vulnerabilities patched this week.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-17 | CVE-2020-1647 | Double Free vulnerability in Juniper Junos. On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. | 9.8 |