CVE-2021-0249 — Classic Buffer Overflow in Networks Junos OS

CWE-120 — Classic Buffer Overflow4 documents4 sources

Severity

9.8CRITICALNVD

CNA8.1

EPSS

0.4%

top 37.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedApr 22

Latest updateMay 24

Description

On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS may allow an attacker to arbitrarily execute code or commands on the target to take over or otherwise impact the device by sending crafted packets to or through the device. This issue affects: Juniper Networks Junos OS on SRX Series: 15.1X49 versions prior to 15.1X49-D190; 17.4 versions prior to 17.4R2-S9; 17.4R3 and later versions prior to 18.1R3-…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os15.1X49 — 15.1X49-D190+7

▶NVDjuniper/junos8 versions+7

🔴Vulnerability Details

GHSA

GHSA-4cwf-q6r9-gq5q: On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS↗2022-05-24

▶

CVEList

Junos OS: SRX Series: A remote attacker may be able to cause a PFE buffer overflow to arbitrarily remotely execute code or commands on the target device with UTM enabled.↗2021-04-22

▶

📋Vendor Advisories

Juniper

CVE-2021-0249: On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS↗2021-04-22

▶