Published on: 20 September 2023
Juniper Networks has published a security advisory to address multiple vulnerabilities in Junos OS on Juniper EX Series and SRX Series. Detailed information about the vulnerabilities can be found at:
https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution
Reports indicate that the technical details of multiple vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847 and CVE-2023-36851) in Juniper Networks Junos OS on Juniper EX Series and SRX Series are publicly available. These vulnerabilities can be used in conjunction to achieve a remote code execution without authentication required. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.
For detailed information of the affected products, please refer to the corresponding security advisory at vendor's website.
Successful exploitation of the vulnerabilities could lead to remote code execution or tampering on an affected system.
Patches for affected products are available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.