CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17


Federal agencies and businesses have been given until November 17, 2023, by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to implement mitigations to safeguard against several security issues in Juniper Junos OS that were discovered in August.

According to Juniper, the vulnerabilities may be combined into an attack chain to allow for remote code execution on unpatched devices. CVE-2023-36851, which has been characterized as an SRX upload vulnerability variant, has also been added to the list.

In a November 8, 2023, update to its warning, Juniper stated that it is “now aware of successful exploitation of these vulnerabilities” and advised users to upgrade to the most recent versions right away.

Read More…