Sunday , March 9 2025
juniper

Juniper warns of critical RCE bug in firewalls and switches

infosecbulletin Saturday , January 13 2024 International, Vulnerabilities

Juniper Networks released security updates to fix a critical vulnerability in its SRX Series firewalls and EX Series switches. The vulnerability allows remote code execution (RCE) without authentication.

A critical security flaw named CVE-2024-21591 was found in devices’ J-Web configuration interfaces. It can be exploited by unauthenticated attackers to gain root privileges or launch denial-of-service (DoS) attacks on unpatched devices.

Ransomware Attacks Set Records in February: New Data Shows

By infosecbulletin / Sunday , March 9 2025
Ransomware attacks reached a record high in February, surpassing previous months, according to a Cyble report. The Cyble report tracked...
Read More
Ransomware Attacks Set Records in February: New Data Shows

Cyber attack at Japanese telecom leader NTT hits 18,000 companies

By infosecbulletin / Saturday , March 8 2025
NTT Communications Corporation discovered illegal access to its facilities on February 5 and confirmed on February 6 that some information...
Read More
Cyber attack at Japanese telecom leader NTT hits 18,000 companies

Cyber heist: Pune losses Rs 6007 crore in cyber scam

By infosecbulletin / Friday , March 7 2025
India's Maharashtra Deputy Chief Minister Devendra Fadnavis disclosed alarming cyber fraud figures for Pune in 2024 during the Assembly session....
Read More
Cyber heist: Pune losses Rs 6007 crore in cyber scam

Nearly 1 million airport lost and found records leaked

By infosecbulletin / Friday , March 7 2025
Cybersecurity researcher Jeremiah Fowler found that over a dozen unprotected databases from the German firm Lost and Found Software exposed...
Read More
Nearly 1 million airport lost and found records leaked

Exploiting CVE-2024-4577, Attackers Target Japan with Cobalt Strike

By infosecbulletin / Friday , March 7 2025
Cisco Talos found that an unknown attacker has been targeting organizations in Japan since January 2025. The attacker exploited the...
Read More
Exploiting CVE-2024-4577, Attackers Target Japan with Cobalt Strike

Sleeping Beauty
Researchers Bypassed CrowdStrike Falcon Sensor partially

By infosecbulletin / Friday , March 7 2025
SEC Consult researchers found a vulnerability in CrowdStrike's Falcon Sensor, enabling attackers to evade detection and run malicious applications. The...
Read More
Sleeping Beauty Researchers Bypassed CrowdStrike Falcon Sensor partially

CVE-2025-22224
41,500+ VMware ESXi Instances Vulnerable to Attacks

By infosecbulletin / Thursday , March 6 2025
As of March 4, 2025, Shadowserver found that over 41,500 internet-exposed VMware ESXi hypervisors are vulnerable to the actively exploited...
Read More
CVE-2025-22224 41,500+ VMware ESXi Instances Vulnerable to Attacks

Register Now
AI Engineering Hackathon: Registration Open

By infosecbulletin / Wednesday , March 5 2025
On April 19, 2025 (Saturday), Brain Station 23 and Poridhi are jointly going to organize "AI ENGINEERING HACKATHON". The prize...
Read More
Register Now AI Engineering Hackathon: Registration Open

Cisco alerts about a Webex flaw that exposes credentials

By infosecbulletin / Wednesday , March 5 2025
Cisco has alerted customers about a vulnerability in Webex for BroadWorks that could allow unauthorized attackers to access credentials remotely....
Read More
Cisco alerts about a Webex flaw that exposes credentials

NVIDIA Issues Warning of Multiple Vulnerabilities

By infosecbulletin / Wednesday , March 5 2025
NVIDIA has released urgent security advisories for multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing platforms. A critical flaw...
Read More
NVIDIA Issues Warning of Multiple Vulnerabilities

“This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory,” the company explained in a security advisory published Wednesday.

Juniper stated that they have found no evidence of the vulnerability being exploited in the real world.
The list of vulnerable Junos OS versions affected by the SRX Series and EX Series J-Web bug is:

Junos OS versions earlier than 20.4R3-S9
Junos OS 21.2 versions earlier than 21.2R3-S7
Junos OS 21.3 versions earlier than 21.3R3-S5
Junos OS 21.4 versions earlier than 21.4R3-S5
Junos OS 22.1 versions earlier than 22.1R3-S4
Junos OS 22.2 versions earlier than 22.2R3-S3
Junos OS 22.3 versions earlier than 22.3R3-S2
Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3

“The bug has been fixed in all subsequent Junos OS releases from 20.4R3-S9 onwards.”

Admins are advised to promptly update their security or upgrade JunOS to the latest version; alternatively, disable the J-Web interface to eliminate the attack possibility.

Another temporary workaround is to restrict J-Web access to only trusted network hosts until patches are deployed.

According to data from nonprofit internet security organization Shadowserver, more than 8,200 Juniper devices have their J-Web interfaces exposed online, most from South Korea (Shodan also tracks over 9,000).

In November, CISA warned about a Juniper exploit called Juniper pre-auth RCE. It is being used by hackers and consists of four bugs known as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847. This exploit affects Juniper’s SRX firewalls and EX switches.

Check Also

Singapore

Singapore issues new guidelines for data center and cloud services

The Infocomm Media Development Authority (IMDA of Singapore unveils advisory guidelines to reduce occurrences of …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin