Critical vulnerabilities in Juniper Networks devices enable multiple cyberattack variants

Network and cybersecurity solutions company Juniper Networks announced the patching of a vulnerability that would allow threat actors to hijack sessions on affected devices. Tracked as CVE-2021-0254, the flaw directly impacts the operation of Junos, Juniper Networks’ operating system.

360 Mobile Vision - North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

The flaw was discovered by researcher Nguyễn Hoàng Thạch, also known as D4rkn3ss, who mentions that this is the most serious vulnerability ever identified in a Juniper product, which was reported more than six months ago.

Juniper’s security alert also mentions that the vulnerability could be exploited by unauthenticated remote threat actors to perform arbitrary code execution attacks or trigger denial of service (DoS) conditions. Abuse of this flaw requires sending specially designed packages to the target system, so generating the DoS condition would be relatively easy.  

On the other hand, D4rkn3ss mentions that an attacker who successfully exploits this vulnerability could gain root access to the target system and then install a backdoor or make any modifications to the target device settings. In addition, exploitation does not require the interaction of the target user and can be chained with other attacks.

Critical vulnerabilities in Juniper Networks devices enable multiple cyberattack variants

The report notes that remote attacks are theoretically possible, although devices vulnerable to this attack are generally not exposed on the Internet, so an opposite would result from multiple unusual configuration errors.

Juniper also mentions that the daemon handles Overlay and OAM packets, a service run as root by default and listening for UDP connections on port 4789: “This issue exists due to incorrect validation of buffer size, which could lead to overflow and eventual remote code execution,” the company notes.

This daemon runs by default on MX and ACX routers, and is also present on Juniper QFX switches. The company concludes by mentioning that no evidence of active exploitation of flaws has been found, although they point out that the attack can be launched against other default configurations, so they recommend that administrators audit the security of their network devices.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Critical vulnerabilities in Juniper Networks devices enable multiple cyberattack variants appeared first on Cyber Security News | Exploit One | Hacking News.

By admin