Skip to the content.

DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series

Our reference DIVD-2023-00035
Case lead Alwin Warringa
Author Max van der Horst
Researcher(s)
CVE(s)
Products
  • Juniper Networks SRX-Series
  • Juniper Networks EX-Series
  • Junos OS
Versions
  • All versions before 20.4R3-S8
  • 21.2 versions prior to 21.2R3-S6
  • 21.3 versions prior to 21.3R3-S5
  • 21.4 versions prior to 21.4R3-S5
  • 22.1 versions prior to 22.1R3-S3
  • 22.2 versions prior to 22.2R3-S2
  • 22.3 versions prior to 22.3R2-S2, 22.3R3
  • 22.4 versions prior to 22.4R2-S1, 22.4R3.
Recommendation Upgrade by installing the issued patch as soon as possible.
Patch status patches available
Workaround Disable J-Web or limit access to trusted devices.
Status Closed
Last modified 06 May 2024 08:50 CEST

Summary

Multiple vulnerabilities have been discovered in Juniper Networks SRX- and EX-Series. By chaining these vulnerabilities, an unauthenticated attacker can achieve Remote Command Execution (RCE) and compromise the underlying operating system. Juniper urges everyone to upgrade to the patched versions as soon as possible.

Recommendations

Juniper has released a patch for all affected versions and urges users to install it as soon as possible. If this is not an option, disable J-Web or limit access to trusted devices.

What we are doing

DIVD is scanning for vulnerable systems. Owners of such systems will receive a notification with this casefile and remediation steps.

Timeline

Date Description
11 Sep 2023 DIVD starts scanning for this vulnerability.
11 Sep 2023 First version of this casefile.
11 Sep 2023 DIVD starts researching fingerprint
28 Nov 2023 DIVD identified vulnerable devices
29 Nov 2023 DIVD started notifying stakeholders
06 May 2024 Case closed.
gantt title DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series dateFormat YYYY-MM-DD axisFormat %e %b %Y section Case DIVD-2023-00035 - Remote Code Execution in Juniper Networks SRX- and EX-Series (238 days) :2023-09-11, 2024-05-06 section Events DIVD starts scanning for this vulnerability. : milestone, 2023-09-11, 0d First version of this casefile. : milestone, 2023-09-11, 0d DIVD starts researching fingerprint : milestone, 2023-09-11, 0d DIVD identified vulnerable devices : milestone, 2023-11-28, 0d DIVD started notifying stakeholders : milestone, 2023-11-29, 0d Case closed. : milestone, 2024-05-06, 0d

More information