Security News > 2023 > November > CISA warns of actively exploited Juniper pre-auth RCE exploit chain
CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution attacks as part of a pre-auth exploit chain.
The alert comes one week after Juniper updated its advisory to notify customers that the flaws found in Juniper's J-Web interface have been successfully exploited in the wild.
The warnings come after the ShadowServer threat monitoring service revealed it was already detecting exploitation attempts on August 25th, one week after Juniper released security updates to patch the flaws and as soon as watchTowr Labs security researchers also released a proof-of-concept exploit.
Today, CISA also added the four actively exploited Juniper vulnerabilities to its Known Exploited Vulnerabilities Catalog, tagging them as "Frequent attack vectors for malicious cyber actors" and posing "Significant risks to the federal enterprise."
After today's KEV catalog update, federal agencies must complete the upgrading of all Juniper devices within the next four days, by November 17th. While BOD 22-01 primarily targets U.S. federal agencies, CISA strongly encourages all organizations, including private companies, to prioritize patching the vulnerabilities as soon as possible.
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw.
News URL
Related news
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Akira and Fog ransomware now exploit critical Veeam RCE flaw (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)