Cybersecurity Threat Advisory: Critical update for Juniper Networks routers
A high-severity vulnerability in Juniper Networks, known as CVE-2024-2973, has been exploited. The following flaw affects some of its router products and users need to address it early enough to avoid exploitation. Review this Cybersecurity Threat Advisory in full to learn about the security update and mitigate risks posed by this critical vulnerability.
What is the threat?
The vulnerability targets products for Session Smart Router, Session Smart Conductor, and WAN Assurance Router by Juniper Networks in high-availability redundant mode. Of all the vulnerabilities of computer networks, this one enables network-borne attackers to compromise the authentication controls and own the affected devices.
Why is it noteworthy?
This threat is particularly noteworthy due to its maximum severity with a CVSS score of 10.0. The affected routers are commonly used in critical network infrastructures, including data centers, telecommunications, and government services, where uninterrupted service and security are paramount. The proactive detection of this vulnerability during internal testing and the absence of active exploitation in the wild emphasize the importance of swift patching to maintain security integrity.
What is the exposure or risk?
The primary risk associated with this vulnerability is attackers can potentially gain unauthorized control over network devices, leading to severe consequences such as data breaches, service disruptions, and unauthorized access to sensitive information. Specifically, the impacted versions are:
- Session Smart router: Versions before 5.6.15, 6.0 before 6.1.9-lts, and 6.2 before 6.2.5-sts
- Session Smart Conductor: Versions before 5.6.15, 6.0 before 6.1.9-lts, and 6.2 before 6.2.5-sts
- WAN Assurance router: Versions 6.0 before 6.1.9-lts and 6.2 before 6.2.5-sts
Without immediate updates, organizations risk significant security breaches that could compromise critical network operations.
What are the recommendations?
Barracuda MSP recommends the following actions to mitigate this critical risk:
- Upgrade affected systems: Immediately update to the following patched software versions:
- Session Smart router: 5.6.15, 6.1.9-lts, and 6.2.5-sts
- WAN Assurance router: 6.1.9-lts and 6.2.5-sts
- Managed deployments: For deployments managed by a Conductor, upgrade the Conductor nodes to apply the fix automatically to connected routers. Direct upgrades of the routers are still recommended for comprehensive security.
- Automatic updates for MIST-managed routers: Ensure that MIST-managed WAN Assurance routers connected to the Mist Cloud are updated automatically, as the patch has already been applied to safeguard against potential exploitation.
- Monitor and maintain: Continuously monitor network security and maintain up-to-date systems to protect against future vulnerabilities.
- Follow security best practices: Implement robust cybersecurity measures and proactive vulnerability management to prevent similar threats.
By following these recommendations, organizations can effectively protect their network infrastructure from the significant risks posed by this critical vulnerability.
References:
For more in-depth information about the recommendations, please visit the following links:
- https://thehackernews.com/2024/07/juniper-networks-releases-critical.html
- https://thecyberexpress.com/juniper-networks-router-vulnerability/
- https://www.bleepingcomputer.com/news/security/juniper-releases-out-of-cycle-fix-for-max-severity-auth-bypass-flaw/
If you have any questions about this Cybersecurity Threat Advisory, please contact Barracuda XDR’s Security Operations Center.