Security News > 2023 > November > Juniper networking devices under attack
CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday.
Juniper Networks fixed four flaws affecting the J-Web GUI of Junos OS-powered devices in late August 2023, and urged customers to update their SRX firewalls and EX switches to plug the security holes.
WatchTowr Labs researchers published related technical details and a PoC exploit combining the flaws and, very quickly, attackers began trying to exploit the vulnerabilities.
In late September, external researchers published a new variant of the SRX upload vulnerability, as well as an exploit for the code execution vulnerability that works without a previous file upload, prompting Juniper to stress the importance of fixing "The ability to execute code".
The urgency has increased last week, as Juniper confirmed last Wednesday that its incident response team is "Aware of successful exploitation of these vulnerabilities."
The agency has also added the CVE-2023-47246, the SysAid Server path traversal vulnerability exploited by Cl0p affiliates, to the catalog on the same day.
News URL
https://www.helpnetsecurity.com/2023/11/14/juniper-networking-devices-attack/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-10 | CVE-2023-47246 | Path Traversal vulnerability in Sysaid On-Premises In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. | 9.8 |