A month after a patch was released, an overwhelming majority of Juniper’s SRX firewalls and EX Series switches remain vulnerable to a group of flaws which, when combined, can result in remote code execution, according to threat intelligence platform provider, VulnCheck.
In its findings, The Register reports, VulnCheck says that on August 17, Juniper announced finding, and patching, five separate vulnerabilities affecting all versions of Junos OS on SRX firewalls and EX Series switches.
These vulnerabilities are now tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847, and CVE-2023-36851. While individually they carry a 5.3 severity rating, collectively they earned a 9.8 score and have been deemed critical. Some researchers say that by chaining these five, threat actors are able to achieve remote code execution, which could lead to a whole host of other issues, such as malware deployment. Other researchers believe that chaining just some will suffice.
Exploiting known flaws
Now, a month later, roughly four in five (79%) public-facing Juniper SRX firewalls and EX Series switches are yet to be patched up and remain vulnerable to these flaws. To make matters worse, more than ten days ago Juniper updated its security advisory to say it observed threat actors attempting to exploit these flaws.
According to numerous research, hackers are more inclined towards abusing older, known flaws, rather than trying to discover their own zero-day vulnerabilities. That is because older flaws already have proof-of-concepts and are easily exploited, especially knowing that many firms aren’t that diligent when it comes to applying patches and upgrades.
To remain secure, businesses are advised to apply new fixes and patches as soon as they roll out or to have a solid patching schedule to adhere to.
If you’re unsure whether or not your firewall is vulnerable to CVE-2023-36845, VulnCheck has released a free scanning tool which you can find on this link.
More from TechRadar Pro
- Google Ads are being hijacked to serve up dangerous malware
- Here's a list of the best endpoint protection services
- Looking for a good firewall? Here are the best firewalls right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.