CVE-2024-21596
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-21596 is a heap-based buffer overflow in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved. An unauthenticated, network-based attacker who already has an established BGP session to the targeted system can send a specific BGP UPDATE message that overwrites heap memory in RPD and causes a Denial of Service (DoS) on the backup Routing Engine (RE); the primary RE is not affected. The issue only applies to devices with Nonstop Active Routing (NSR) enabled, since that is the configuration in which the backup RE's RPD processes the replicated BGP state. Successful exploitation can result in a sustained DoS on the backup RE. Affected versions as stated in the advisory summary:
- Junos OS: all versions earlier than 20.4R3-S9; 21.2 versions earlier than 21.2R3-S7; and various other versions.
- Junos OS Evolved: all versions earlier than 21.3R3-S5-EVO, and several other versions.
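The practical question for an operator is whether a given box is in one of the affected ranges and whether it is actually exposed (NSR enabled, so a backup RE is processing BGP state). The following Python triage helper is an added example, not code from this page or from Juniper: it parses Junos release strings of the shape `<major>.<minor>R<n>[-S<n>][-EVO]`, encodes only the three fixed releases the summary names, and returns `unknown` for the trains the summary lumps under "various other versions" rather than guessing. The function names (`parse_version`, `version_status`, `assess`) and the sample inventory are assumptions made for the example.

```python
import re
from typing import NamedTuple, Tuple


class JunosVersion(NamedTuple):
    """Components of a release string such as 20.4R3-S9 or 21.3R3-S5-EVO."""
    major: int
    minor: int
    release: int   # the R number
    service: int   # the S number; 0 when there is no service release
    evolved: bool  # True for a Junos OS Evolved build (-EVO suffix)


# Assumed shape: <major>.<minor>R<n>[-S<n>][-EVO]. Other suffixes (X builds,
# ".n" patch numbers) are rejected rather than guessed at.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(-EVO)?$", re.IGNORECASE)


def parse_version(text: str) -> JunosVersion:
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version string: {text!r}")
    major, minor, release, service, evo = m.groups()
    return JunosVersion(int(major), int(minor), int(release), int(service or 0), evo is not None)


def _order(v: JunosVersion) -> Tuple[int, int, int, int]:
    # A service release sorts after the base R release it patches, so "no S" == 0.
    return (v.major, v.minor, v.release, v.service)


# The only fixed releases this page names. Trains summarised as "various other
# versions" are deliberately not encoded.
FIXED_JUNOS_BASE = parse_version("20.4R3-S9")    # all Junos OS versions earlier than this
FIXED_JUNOS_21_2 = parse_version("21.2R3-S7")    # 21.2 versions earlier than this
FIXED_EVO_BASE = parse_version("21.3R3-S5-EVO")  # all Junos OS Evolved versions earlier than this


def version_status(text: str) -> str:
    """Return 'affected', 'not_affected' or 'unknown' using only the ranges on this page."""
    v = parse_version(text)
    train = (v.major, v.minor)
    if v.evolved:
        fixed = FIXED_EVO_BASE
        if train < (fixed.major, fixed.minor):
            return "affected"
        if train == (fixed.major, fixed.minor):
            return "affected" if _order(v) < _order(fixed) else "not_affected"
        return "unknown"  # later Evolved trains: the page only says "several other versions"
    # Junos OS (non-Evolved)
    if train < (FIXED_JUNOS_BASE.major, FIXED_JUNOS_BASE.minor):
        return "affected"
    for fixed in (FIXED_JUNOS_BASE, FIXED_JUNOS_21_2):
        if train == (fixed.major, fixed.minor):
            return "affected" if _order(v) < _order(fixed) else "not_affected"
    return "unknown"  # e.g. 21.1 or 21.3: not enumerated on this page


def assess(text: str, nsr_enabled: bool) -> Tuple[str, bool]:
    """Version status plus whether the device is actually exposed.

    The crash lands on the backup RE and needs NSR, so an affected version
    with NSR disabled is a patching item but not an exposed target.
    """
    status = version_status(text)
    return status, (status == "affected" and nsr_enabled)


if __name__ == "__main__":
    # Constructed sample inventory for illustration, not real device data.
    inventory = [
        ("edge1", "20.4R3-S8", True),
        ("edge2", "21.2R3", False),
        ("core1", "21.3R2-EVO", True),
        ("core2", "22.1R1", True),
    ]
    for host, ver, nsr in inventory:
        status, exposed = assess(ver, nsr)
        print(f"{host:6} {ver:14} nsr={nsr!s:5} status={status:12} exposed={exposed}")
```

Feed it the release string from `show version` and the NSR state from `show configuration routing-options` (the `nonstop-routing` stanza); anything that comes back `unknown` has to be checked against the full vendor advisory, because the summary above does not list every affected train.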
Affected Products
- Juniper Junos
- Juniper Junos OS Evolved
Affected Vendors
- Juniper Networks