A newly discovered vulnerability, CVE-2023-44175, has been identified in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. This issue allows an attacker to send specific genuine Protocol Independent Multicast (PIM) packets to a targeted Juniper device, causing its rpd to crash and subsequently triggering a Denial of Service (DoS) event. Continuous receipt or processing of such packets could lead to a sustained DoS condition.

It should be noted that this vulnerability does not appear to impact networks consisting solely of Juniper devices.

Exploit Details

While specific details and demonstration code snippets are not provided to avoid potential malicious use, the vulnerability is rooted in the rpd's handling of Protocol Independent Multicast (PIM) packets. A malicious actor with knowledge of the affected device's IP address could send specially-crafted PIM packets that trigger the rpd crash and thus cause a DoS.

Mitigation and Recommendations

Fortunately, Juniper Networks has released patches for the affected devices. Users are strongly encouraged to update their devices to the latest, secure version as follows:

* Upgrade to 23.2R1-EVO or later (for 23.2-EVO.x)

You can find more information about this vulnerability and the relevant patches in the original Juniper Networks Security Advisory here.

Conclusion

CVE-2023-44175 is a critical vulnerability affecting the routing protocol daemon (rpd) in Juniper Networks Junos OS and Junos OS Evolved. Immediate action should be taken to patch affected systems and protect against potential DoS attacks.

Timeline

Published on: 10/12/2023 23:15:11 UTC
Last modified on: 10/19/2023 17:47:15 UTC