CVE-2024-21602 : Vulnerability Insights and Analysis
CVE-2024-21602: NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on specific hardware platforms, allowing for a Denial of Service attack.
This CVE-2024-21602 involves a NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C, and ACX7100-48L, potentially allowing an unauthenticated, network-based attacker to trigger a Denial of Service (DoS) attack.
Understanding CVE-2024-21602
This section delves into the details of the CVE-2024-21602 vulnerability, its impact, technical description, affected systems, exploitation mechanism, and mitigation strategies.
What is CVE-2024-21602?
The CVE-2024-21602 vulnerability in Juniper Networks Junos OS Evolved on specific hardware platforms can be exploited by an attacker sending a specific IPv4 UDP packet to the Routing Engine (RE). This action can cause the packetio to crash and restart, leading to a brief traffic interruption that can escalate to a sustained DoS with continued reception of such packets. Notably, this issue does not occur with IPv6 packets.
The Impact of CVE-2024-21602
The vulnerability poses a high availability impact, allowing attackers to disrupt network services through a DoS attack. Juniper SIRT has not detected any malicious exploitation of this vulnerability to date.
Technical Details of CVE-2024-21602
This section outlines the technical aspects of the CVE-2024-21602 vulnerability, including its description, affected systems and versions, and exploitation mechanism.
Vulnerability Description
The NULL Pointer Dereference vulnerability in Junos OS Evolved on specified Juniper Networks hardware platforms enables an unauthenticated attacker to orchestrate a DoS attack by sending a particular IPv4 UDP packet to the RE.
Affected Systems and Versions
The vulnerability affects Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C, and ACX7100-48L versions, including:
- 21.4-EVO versions earlier than 21.4R3-S6-EVO
- 22.1-EVO versions earlier than 22.1R3-S5-EVO
- 22.2-EVO versions earlier than 22.2R2-S1-EVO, 22.2R3-EVO
- 22.3-EVO versions earlier than 22.3R2-EVO
Exploitation Mechanism
The vulnerability can be exploited through the injection of specific IPv4 UDP packets to the RE, triggering the packetio crash and subsequent DoS.
Mitigation and Prevention
As a network administrator or user, it is crucial to understand the immediate steps to take to address the CVE-2024-21602 vulnerability, as well as adopt long-term security practices to prevent future exploitation.
Immediate Steps to Take
Immediate actions include applying the provided software updates that resolve the vulnerability to prevent exploitation and ensure network stability.
Long-Term Security Practices
Implementing robust network security measures, regular vulnerability assessments, and staying informed about software updates and security advisories can help mitigate the risk of similar vulnerabilities in the future.
Patching and Updates
Juniper Networks has released updated software versions (21.4R3-S6-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R3-EVO, 22.3R2-EVO, and 22.4R1-EVO) to address the CVE-2024-21602 vulnerability. It is recommended to apply these patches promptly to safeguard the network from potential attacks.