Security News > 2020 > July > Juniper Networks Patches Critical Vulnerabilities in Firewalls
Juniper Networks this week informed customers that it has patched many vulnerabilities in its products, mostly ones that can be exploited for denial-of-service attacks.
Over a dozen advisories have been published by the company to describe several vulnerabilities that are specific to Juniper products, as well as tens of flaws impacting third-party components.
One of the most serious vulnerabilities in software made by Juniper is CVE-2020-1647, a critical double free issue that affects SRX series firewalls with the ICAP redirect service enabled.
Half a dozen of the vulnerabilities have been rated high severity and all of them can be exploited for DoS attacks, including sustained attacks.
Juniper Networks says it's not aware of any attacks exploiting the vulnerabilities patched this week.
News URL
Related news
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical vulnerabilities persist in high-risk sectors (source)
- Palo Alto Networks tackles firewall-busting zero-days with critical patches (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-17 | CVE-2020-1647 | Double Free vulnerability in Juniper Junos On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. | 9.8 |