CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been – chained together by attackers to achieve remote code execution on internet-facing vulnerable devices. The exploited vulnerabilities Juniper Networks fixed four flaws (numbered CVE-2023-36844 through CVE-2023-36847) affecting the J-Web GUI of Junos OS-powered … More

The post Juniper networking devices under attack appeared first on Help Net Security.