Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches. About CVE-2024-21591 CVE-2024-21591 is an out-of-bounds write vulnerability that could allow an unauthenticated, network-based threat actor to carry out a denial-of service (DoS) attack, an RCE attack, or gain root privileges on exposed devices. “This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory,” Juniper Networks … More

The post Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591) appeared first on Help Net Security.