Beware of DDoS Attacks on Juniper Networks Routers!

CVE: CVE-2024-21602
CVSS v3.1: 7.5
Source: CVE-2024-21602

Juniper Networks routers running specific versions of Junos OS Evolved are vulnerable to denial-of-service (DoS) attacks. According to CVE-2024-21602, attackers can cause the routing engine (RE) to crash and restart by sending malicious IPv4 UDP packets. Each crash interrupts traffic flow temporarily, and a continuous stream of such packets leads to a sustained outage.

The affected models are ACX7024, ACX7100-32C and ACX7100-48L running versions earlier than those mentioned in the advisory. Versions prior to 21.4R1-EVO are not vulnerable.
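The scoping rule above can be turned into a quick inventory triage. This is an added example, not code from Juniper or the advisory: the release-string pattern (`YY.NR#[-S#][.build]-EVO`), the status labels and the sample inventory are assumptions, and because the fixed releases are not listed on this page, in-range devices are only flagged for comparison against the advisory.

```python
import re

# Models this page names as affected.
AFFECTED_MODELS = {"ACX7024", "ACX7100-32C", "ACX7100-48L"}
# Per this page, releases before 21.4R1-EVO are not vulnerable.
FIRST_VULNERABLE = (21, 4, 1)

# Assumed release-string layout, e.g. 21.4R3-S5-EVO or 22.2R1.12-EVO.
_EVO_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S\d+)?(?:\.\d+)?-EVO$", re.I)


def parse_evo_release(version):
    """Return (major, minor, R-number) for an Evolved release string, else None."""
    m = _EVO_RE.match(version.strip())
    return tuple(int(g) for g in m.groups()) if m else None


def triage(model, version):
    """Classify one device against the scope described on this page."""
    if model.strip().upper() not in AFFECTED_MODELS:
        return "not-listed-model"
    release = parse_evo_release(version)
    if release is None:
        return "manual-review"      # unparseable or not an -EVO release
    if release < FIRST_VULNERABLE:
        return "not-vulnerable"     # predates 21.4R1-EVO
    return "check-advisory"         # compare with the advisory's fixed releases


def triage_inventory(devices):
    """Map hostname -> status for an iterable of (host, model, version)."""
    return {host: triage(model, version) for host, model, version in devices}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("edge-a", "ACX7024", "21.3R2-EVO"),
    ("edge-b", "ACX7100-32C", "22.2R1.12-EVO"),
    ("edge-c", "acx7100-48l", "21.4R1-EVO"),
    ("core-a", "MX204", "21.4R3-S5"),
    ("edge-d", "ACX7024", "unknown"),
]

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```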

By sending crafted packets, remote attackers can exploit a null pointer dereference bug to crash critical components without authentication. This allows easy disruption of network services.

To protect their networks, administrators should immediately update affected Juniper routers to the latest fixed versions. Applying security patches regularly is important to close vulnerabilities over time. Firewall rules and ACLs that filter incoming traffic to known ports can also help prevent exploitation attempts.

Staying on top of advisories and patching promptly helps avoid downtime from DDoS and other attacks targeting known issues. Prioritizing router security ensures smooth network operations.
