Juniper has released an out-of-band security update to patch four vulnerabilities.
Juniper says the four bugs can be combined to allow threat actors to run malicious code and take over its devices without needing to authenticate (pre-auth RCE attacks).
Vulnerable products include the company's SRX firewalls, and EX network switches.
https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US
Catalin Cimpanu /
npub1tq…3aefw
2023-08-20 15:06:32
Author Public Key
npub1tqfukrqgh928vktkl6vx063ck2c4yn3ek8m44v3txfhztqe65anq63aefwPublished at
2023-08-20 15:06:32Event JSON
{
"id": "323ecc38b1ede5cfeb9dd13abe0ded3b57603047c011c1d217fd00ecc8c2c423",
"pubkey": "5813cb0c08b954765976fe9867ea38b2b1524e39b1f75ab22b326e25833aa766",
"created_at": 1692543992,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/users/campuscodi/statuses/110922563073588199",
"activitypub"
]
],
"content": "Juniper has released an out-of-band security update to patch four vulnerabilities.\n\nJuniper says the four bugs can be combined to allow threat actors to run malicious code and take over its devices without needing to authenticate (pre-auth RCE attacks).\n\nVulnerable products include the company's SRX firewalls, and EX network switches.\n\nhttps://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US",
"sig": "34a6204095d979722074192cc979da494d344948523bc9e22d0452494dda49e3f8bf96331f3fd2459b1a1b3e0519e3b331d9acf71ec9844128b586b6adf53d08"
}