.webp)
A critical 9.3 CVSS 4.0 vulnerability has been discovered in Junos OS J-Web interface on SRX series firewall and EX series switches. Identified as CVE-2024-21591, this out-of-bounds write vulnerability impacts the J-Web interface of affected operating systems. The vulnerability is caused by an insecure function that allows an attacker to overwrite arbitrary memory. An unauthenticated, network-bound hacker can cause a Denial of Service (DoS) or Remote Code Execution (RCE) on the device to obtain root privileges. Juniper SIRT is not aware of any malicious exploitation of this vulnerability.
An attacker can perform a RCE or DoS remotely with no authentication or user interaction. If exploited, a complete loss of confidentiality, integrity, and availability could ensue. For these reasons, the impact of the vulnerability has been designated High .
This issue affects Juniper Networks Junos OS SRX Series and EX Series.
[system services web-management http]
or
[system services web-management https]
Review your hardware inventory for any Juniper Networks SRX or EX series firewalls and switches. If you have any of these devices, review the software versions and if they are out of date update accordingly.
The following software releases have been updated to resolve this specific issue:
Junos OS: 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and all subsequent releases.
Updating to one of the above versions will remediate the vulnerability.
There is a workaround which involves disabling J-Web or limiting access to only trusted host.
An attack that exploits this vulnerability could enable lateral movement or privilege escalation and therefore could be disastrous for any organization.
Follow vendor recommendations: The vendor has provided a solution and multiple workarounds to this vulnerability. Follow vendor recommendations for remediation efforts.
Associated Bulletins
https://www.cve.org/CVERecord?id=CVE-2024-21591
In December 2020, Ticketmaster was hit with a $10 million fine for an act of corporate espionage. The company had engaged in unauthorized access to a competitor's computer systems, using stolen login credentials to gather confidential business intelligence. Although this scandal broke nearly four years ago, it serves as a reminder of the legal and ethical responsibilities businesses must adhere to in today’s marketplace.
Hospitals and healthcare providers have increasingly become targets of cyberattacks, which pose significant risks to patient care and safety. This document examines the various ways in which cyberattacks can disrupt hospital operations, compromise patient data security, and ultimately affect the quality of patient care. It also explores strategies and best practices that hospitals can implement to mitigate these risks and enhance their cybersecurity posture.
Ethical hacking has become an essential response to an IT industry kept on its toes by a spectrum of bad actors with malicious intent. This article introduces two prominent methodologies that help the good guys fight back: penetration testing (pen-testing) and red teaming. Learn more here.
Host Geoff Hancock was joined by guests Mike Rush, Director of Threat Intelligence at Access Point Consulting; and Evie Manning, Senior Director of Threat Hunting and Intelligence at Access Point Consulting. Together, they talked about cyber threat intelligence and the applications that can make it work for small and medium-sized businesses.
