CVE-2023-36848

Summary

CVE-2023-36848 is an Improper Handling of Undefined Values vulnerability affecting Juniper Networks Junos OS on MX Series routers (excluding MPC10, MPC11, and LC9600). Malformed CFM packets can cause a Denial of Service (DoS) by triggering a FPC crash in the periodic packet management daemon (PPMD). Continuous receipt of these malformed packets leads to a sustained DoS condition. This vulnerability affects various Junos OS versions on MX Series routers, including prior versions of 19.1R3-S10, 19.2R3-S7, 19.3R3-S8, 19.4R3-S12, and several others. Unauthenticated adjacent attackers can exploit this vulnerability to cause a denial of service.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.