Juniper Networks Junos OS MX Series Firewall Filter Bypass Vulnerability

Vulnerability

A vulnerability in the packet forwarding engine of Juniper Networks Junos OS on MX Series devices allows an unauthenticated, network-based attacker to bypass configured firewall filters and access the device's control plane. This issue occurs on MX platforms with MPC10, MPC11, LC4800, LC9600 line cards, and MX304, affecting all versions prior to 23.2R2-S6, 23.4 versions prior to 23.4R2-S7, 24.2 versions prior to 24.2R2, and 24.4 versions prior to 24.4R2. The vulnerability arises because firewall filters applied to non-zero loopback interfaces in the global VRF or default routing instance are not executed. As a result, filters may not be applied as intended, leaving the control plane accessible without proper protection.

Impact

Exploitation of this vulnerability allows for unauthorized access to the control plane of the affected device, bypassing firewall protections that should be in place.

Remediation

Users can rename the affected loopback logical unit from a non-zero value to zero, which will resolve the issue. The vulnerability has also been fixed in the Junos OS releases 23.2R2-S6, 23.4R2-S7, 24.2R2, 24.4R2, 25.2R1, and all subsequent releases.
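An added example (not Juniper's tooling and not part of the original entry): a Python audit that scans `show configuration | display set` output for the condition described above, a firewall filter on a non-zero `lo0` unit that is not placed in any routing instance and therefore sits in the default instance. It assumes flat set-format configuration with no logical systems; the sample configuration, filter names and instance names are constructed.

```python
import re

# Constructed sample of `show configuration | display set` output (not from a real device).
SAMPLE_CONFIG = """\
set interfaces lo0 unit 1 family inet filter input PROTECT-RE
set interfaces lo0 unit 1 family inet6 filter input-list PROTECT-RE-V6
set interfaces lo0 unit 1 family inet address 192.0.2.1/32
set interfaces lo0 unit 5 family inet filter input PROTECT-VRF
set interfaces lo0 unit 7 family inet address 192.0.2.7/32
set routing-instances CUST-A instance-type vrf
set routing-instances CUST-A interface lo0.5
set routing-instances CUST-B interface lo0.7
"""

# lo0 unit N with a filter attached under any address family.
FILTER_RE = re.compile(r"^set interfaces lo0 unit (\d+) family (\S+) filter (\S+) (\S+)")
# lo0 unit N assigned to a named (non-default) routing instance.
INSTANCE_RE = re.compile(r"^set routing-instances \S+ interface lo0\.(\d+)\b")


def exposed_loopback_filters(config_text):
    """Return (unit, family, direction, filter) for filters on non-zero lo0
    units that are not assigned to any routing instance (default instance)."""
    in_instance = set()
    filters = []
    for line in config_text.splitlines():
        line = line.strip()
        m = INSTANCE_RE.match(line)
        if m:
            in_instance.add(int(m.group(1)))
            continue
        m = FILTER_RE.match(line)
        if m:
            unit, family, direction, name = m.groups()
            filters.append((int(unit), family, direction, name))
    # Unit 0 is the workaround target; units inside a routing instance are
    # outside the condition the entry describes.
    return [f for f in filters if f[0] != 0 and f[0] not in in_instance]


if __name__ == "__main__":
    for unit, family, direction, name in exposed_loopback_filters(SAMPLE_CONFIG):
        print(f"lo0.{unit}: family {family} filter {direction} {name} "
              "is on a non-zero unit in the default instance")
```

Any unit it reports is a candidate for the unit-zero workaround or for upgrading to a fixed release.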

Added: Apr 10, 2026, 12:52 AM
Updated: Apr 10, 2026, 12:52 AM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 2.5
exploitability: 6.6
remediation: 8.3
relevance: 5.5
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.