CVE-2023-44175
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-44175 is a Reachable Assertion vulnerability impacting the routing protocol daemon (rpd) in Juniper Networks Junos OS and Junos OS Evolved. A maliciously crafted PIM packet can cause the rpd to crash, resulting in a Denial of Service (DoS) condition. Continued receipt and processing of the malicious packet leads to a sustained DoS condition. This issue does not pose a threat when all devices on the network are Juniper.
Affected Junos OS versions include all releases prior to 20.4R3-S7, 21.2 versions prior to 21.2R3-S5, 21.3 versions prior to 21.3R3-S4, 21.4 versions prior to 21.4R3-S4, 22.1 versions prior to 22.1R3-S4, 22.2 versions prior to 22.2R3, 22.3 versions prior to 22.3R3, and 22.4 versions prior to 22.4R3.
Junos OS Evolved versions affected are all releases prior to 22.3R3-EVO, 22.4-EVO versions prior to 22.4R3-EVO, and 23.2-EVO versions prior to 23.2R1-EVO.