Juniper networking devices under attack
2023-11-14 13:37

CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday.

Juniper Networks fixed four flaws affecting the J-Web GUI of Junos OS-powered devices in late August 2023, and urged customers to update their SRX firewalls and EX switches to plug the security holes.

WatchTowr Labs researchers published related technical details and a PoC exploit combining the flaws and, very quickly, attackers began trying to exploit the vulnerabilities.

In late September, external researchers published a new variant of the SRX upload vulnerability, as well as an exploit for the code execution vulnerability that works without a previous file upload, prompting Juniper to stress the importance of fixing "the ability to execute code".

The urgency increased last week, as Juniper confirmed last Wednesday that its incident response team is "aware of successful exploitation of these vulnerabilities."

The agency also added CVE-2023-47246, the SysAid Server path traversal vulnerability exploited by Cl0p affiliates, to the catalog on the same day.


News URL

https://www.helpnetsecurity.com/2023/11/14/juniper-networking-devices-attack/

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-10 | CVE-2023-47246 | Path Traversal vulnerability in Sysaid. In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. (network, low complexity, sysaid, CWE-22) | critical 9.8 |

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Juniper 33 0 325 328 54 707