CVE-2024-39525
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-39525 is an Improper Handling of Exceptional Conditions vulnerability impacting Juniper Networks Junos OS and Junos OS Evolved. It allows an unauthenticated attacker to send a specific BGP packet that causes the routing protocol daemon (rpd) to crash and restart, leading to a Denial of Service (DoS) condition. The vulnerability only affects systems with BGP traceoptions enabled and requires an established BGP session. Both IPv4 and IPv6 are susceptible to this issue.
Affected Junos OS versions: versions prior to 21.2R3-S8, from 21.4 before 21.4R3-S8, from 22.2 before 22.2R3-S4, from 22.3 before 22.3R3-S4, from 22.4 before 22.4R3-S3, from 23.2 before 23.2R2-S1, and from 23.4 before 23.4R2.
Affected Junos OS Evolved versions: versions prior to 21.2R3-S8-EVO, from 21.4-EVO before 21.4R3-S8-EVO, from 22.2-EVO before 22.2R3-S4-EVO, from 22.3-EVO before 22.3R3-S4-EVO, from 22.4-EVO before 22.4R3-S3-EVO, from 23.2-EVO before 23.2R2-S1-EVO, and from 23.4-EVO before 23.4R2-EVO.
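The two exposure conditions above (an affected release and BGP traceoptions enabled) can be checked together during triage. The following is an added example, not code from this page or from Juniper. It assumes set-format configuration text and that any traceoptions statement under a "protocols bgp" hierarchy counts as enabled; the function names and the sample configuration are constructed for illustration.

```python
import re

# Fixed releases per train, copied from the summary above: train -> (R, S).
FIXED = {(21, 2): (3, 8), (21, 4): (3, 8), (22, 2): (3, 4), (22, 3): (3, 4),
         (22, 4): (3, 3), (23, 2): (2, 1), (23, 4): (2, 0)}
OLDEST = min(FIXED)

# Matches e.g. 21.4R3-S8, 23.4R2, 22.4R3-S3.5-EVO (optional build number).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?(?:-EVO)?$")
# Assumption: any traceoptions statement under a "protocols bgp" hierarchy counts.
TRACE_RE = re.compile(r"^set\s+(?:\S+\s+)*?protocols\s+bgp\s+(?:\S+\s+)*?traceoptions\b")


def version_status(version):
    """Return 'affected', 'fixed', 'unlisted' or 'unparsed' for a version string."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unparsed"
    train = (int(m.group(1)), int(m.group(2)))
    release = (int(m.group(3)), int(m.group(4) or 0))
    if train < OLDEST:
        return "affected"  # "versions prior to 21.2R3-S8"
    if train not in FIXED:
        return "unlisted"  # e.g. 21.3 or 24.2: the summary gives no range
    return "affected" if release < FIXED[train] else "fixed"


def bgp_traceoptions_enabled(set_config):
    """True if set-format configuration text enables traceoptions under BGP."""
    return any(TRACE_RE.match(line.strip()) for line in set_config.splitlines())


def exposed(version, set_config):
    """Exposed only when the version is affected AND BGP traceoptions is on."""
    return version_status(version) == "affected" and bgp_traceoptions_enabled(set_config)


# Constructed sample configuration, not taken from a real device.
SAMPLE = """set protocols bgp group peers neighbor 192.0.2.1 peer-as 64500
set protocols bgp traceoptions file bgp-trace
set protocols ospf traceoptions flag hello"""

if __name__ == "__main__":
    for v in ("21.4R3-S7", "21.4R3-S8", "23.4R1-S2-EVO", "21.3R3", "20.4R3-S9"):
        print(v, version_status(v), exposed(v, SAMPLE))
```

A result of "unlisted" means the summary gives no range for that release train, so it needs a manual check against the vendor advisory rather than being treated as safe.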