Juniper Networks Junos OS
cpe:2.3:a:juniper:junos:*:*:*:*:*:*:*
- < 21.2R3-S9
- >= 21.4, < 21.4R3-S10
- >= 22.2, < 22.2R3-S7
- >= 22.3, < 22.3R3-S4
- >= 22.4, < 22.4R3-S5
- >= 23.2, < 23.2R2-S3
- >= 23.4, < 23.4R2-S3
- >= 24.2, < 24.2R1-S2
- 24.2R2
A denial-of-service vulnerability has been identified in Juniper Networks Junos OS, all versions prior to 21.2R3-S9, from 21.4 prior to 21.4R3-S10, from 22.2 prior to 22.2R3-S7, from 22.3 prior to 22.3R3-S4, from 22.4 prior to 22.4R3-S5, from 23.2 prior to 23.2R2-S3, from 23.4 prior to 23.4R2-S3, and from 24.2 prior to 24.2R1-S2, 24.2R2. This vulnerability arises from improper handling of exceptional conditions in packet processing, allowing an unauthenticated, network-adjacent attacker to send a specifically malformed ICMPv4 packet that causes a forwarding plane component (FPC) to crash and restart. The malformed packet is not forwarded by adjacent upstream routers, limiting the attack surface to adjacent networks.
Exploitation of this vulnerability causes the affected FPC to crash and restart, leading to a denial-of-service condition.
Users can upgrade to Junos OS versions 20.2R3-S10, 21.2R3-S9, 21.4R3-S10, 22.2R3-S7, 22.3R3-S4, 22.4R3-S5, 23.2R2-S3, 23.4R2-S3, 24.2R1-S2, 24.2R2, 24.4R1, or any subsequent release. Instructions for downloading these updates are available on the Juniper Networks Customer Support website.
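The ranges and fixed releases above can be turned into an inventory check. The following is an added example, not code from Juniper or from this page. It assumes releases within a train order numerically by their R and S numbers, uses constructed hostnames and versions, and reports trains the page does not list as "unlisted" rather than guessing.

```python
import re

# Fixed release per train as (R number, S number), from the upgrade list on
# this page. Train 20.2 appears only in that upgrade list.
FIXED = {
    (20, 2): (3, 10), (21, 2): (3, 9), (21, 4): (3, 10), (22, 2): (3, 7),
    (22, 3): (3, 4), (22, 4): (3, 5), (23, 2): (2, 3), (23, 4): (2, 3),
    (24, 2): (1, 2), (24, 4): (1, 0),
}
OLDEST_LISTED = (21, 2)  # page: "all versions prior to 21.2R3-S9"
NEWEST_LISTED = (24, 4)  # page: 24.4R1 "or any subsequent release"

# Matches e.g. 21.4R3-S10 or 22.4R3-S5.7 (trailing build number ignored).
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def status(version):
    """Classify one Junos version string against this advisory."""
    m = _VERSION.match(version.strip())
    if not m:
        return "unparsed"  # other naming schemes: review by hand
    major, minor, rel, svc = (int(g or 0) for g in m.groups())
    train = (major, minor)
    if train in FIXED:
        # Assumption: releases in a train order by (R, S) numerically.
        return "fixed" if (rel, svc) >= FIXED[train] else "affected"
    if train < OLDEST_LISTED:
        return "affected"
    if train > NEWEST_LISTED:
        return "fixed"
    return "unlisted"  # train between listed ones: the page gives no data


def triage(inventory):
    """Return {hostname: status} for every device not known to be fixed."""
    results = {host: status(ver) for host, ver in inventory.items()}
    return {host: s for host, s in results.items() if s != "fixed"}


if __name__ == "__main__":
    # Constructed inventory; hostnames and versions are sample data.
    sample = {
        "edge-01": "21.2R3-S8", "edge-02": "24.2R2", "core-01": "22.4R3-S5.7",
        "core-02": "21.3R3-S5", "lab-01": "12.3X48-D30", "agg-01": "24.2R1",
    }
    for host, state in sorted(triage(sample).items()):
        print(f"{host}: {state}")
```

Devices reported as "unlisted" or "unparsed" need a manual check against the vendor advisory rather than being treated as safe.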