"Juniper Networking Devices Under Attack"
The US Cybersecurity and Infrastructure Security Agency (CISA) requires US federal agencies to patch five vulnerabilities exploited by attackers to compromise Juniper networking devices. Most of these vulnerabilities are not particularly dangerous on their own, but they can and have been chained together by attackers to enable Remote Code Execution (RCE) on Internet-facing devices. Juniper Networks patched four flaws impacting the J-Web Graphical User Interface (GUI) of Junos OS-powered devices in late August 2023, and advised customers to update their SRX firewalls and EX switches. WatchTowr Labs researchers then published related technical details and a proof-of-concept (PoC) exploit combining the flaws. Attackers quickly began attempting to exploit the vulnerabilities. This article continues to discuss the exploited vulnerabilities CISA says federal agencies must patch quickly.
.
Help Net Security reports "Juniper Networking Devices Under Attack"
Submitted by grigby1