CVE-2024-47494

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Oct 11, 2024
Updated: Oct 15, 2024
CWE ID 367

Summary

CVE-2024-47494 is a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability affecting multiple versions of Juniper Networks' Junos OS, specifically those prior to version 21.4R3-S9 and various versions in the 22.x and 23.x series. This vulnerability allows an attacker to exploit the AgentD process, potentially causing memory corruption that leads to a Denial of Service (DoS) by crashing the FPC. Although the FPC will automatically recover without user intervention, this vulnerability poses a medium severity risk with an exploitability score of 2.2 and could disrupt network availability. To remediate this issue, users should upgrade their systems to the latest versions specified by Juniper Networks. It is important to note that Junos OS Evolved is not affected by this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share