Juniper Networks Junos OS Vulnerability Allows Remote DoS Attacks

CVECVE-2023-22417
CVSScvssV3_1: 7.5
SourceCVE-2023-22417

Juniper Networks’ popular networking operating system Junos OS is affected by a vulnerability that allows remote attackers to cause denial of service (DoS) attacks.

The vulnerability exists in the Flow Processing Daemon (flowd) component of Junos OS. Flowd is responsible for processing network traffic flows and maintaining stateful connections. A memory leak flaw can be triggered in flowd if IPsec VPNs using DH or ECDH encryption groups are configured.

Hackers can exploit this from the network without any authentication. They can craft special packets that cause flowd to continuously leak memory with repeated connections. This will eventually crash flowd, disrupting the network connectivity and services reliant on it until it automatically restarts.

Organizations using affected Junos OS versions in their Juniper SRX firewalls, routers and other devices are at risk of remote DoS attacks. To protect networks, users should immediately update to the latest versions mentioned in the advisory as they have fixes for this vulnerability. Proper firewall rules should also drop unsolicited traffic from untrusted sources to further reduce risks.

References