Beware of Denial of Service Attacks on Juniper Networks Junos OS!

CVE: CVE-2023-36835
CVSS (v3.1): 7.5
Source: CVE-2023-36835

Juniper Networks Junos OS, which powers many enterprise networking devices like QFX10000 Series switches, is affected by a vulnerability that can allow remote attackers to cause devices to stop forwarding traffic.

The vulnerability is due to improper validation of IP packets received for routing over VXLAN tunnels. By sending a specially crafted packet, an attacker on the network can trigger a “wedge condition” in the Packet Forwarding Engine (PFE) component of Junos OS. This will make the device stop routing traffic until it is rebooted, causing a denial of service.

Versions 20.3 up to R1, 20.4 up to R3-S5, 21.1 up to R3-S5, 21.2 up to R3-S5, 21.3 up to R3-S4, 21.4 up to R3-S1, 22.1 up to R3, and 22.2 up to R2 are all vulnerable to this attack.

If you use Juniper networking devices in your organization, make sure to update to the latest versions mentioned in the Juniper Security Advisory to patch this vulnerability. You should also monitor your devices for signs of reduced performance or connectivity issues, which could indicate an attack is underway. Taking prompt action can help minimize downtime from denial of service attacks on your critical networking infrastructure.
