Juniper Networks has released security updates to address vulnerabilities affecting multiple products.

CVE-2024-21585: RDP process crash due to BGP flap on NSR-enabled devices. This issue only affects routers configured with non-stop routing (NSR) enabled. Graceful Restart (GR) helper mode, enabled by default, is also required for this issue to be exploitable.

This issue affects:

Juniper Network Junos7 OS

• All versions earlier than 20.4R3-S9
• 21.2 versions earlier than 21.2R3-S7
• 21.3 versions earlier than 21.3R3-S5
• 21.4 versions earlier than 21.4R3-S5
• 22.1 versions earlier than 22.1R3-S4
• 22.2 versions earlier than 22.2R3-S3
• 22.3 versions earlier than 22.3R3-S1
• 22.4 versions earlier than 22.4R2-S2, 22.4R3
• 23.2 versions earlier than 23.2R1-S1, 23.2R2

Juniper Networks Junos OS Evolved

• All versions earlier than 21.3R3-S3-EVO
• 21.4 versions earlier than 21.4R3-S5-EVO
• 22.1 versions earlier than 22.1R3-S4-EVO
• 22.2 versions earlier than 22.2R3-S3-EVO
• 22.3 versions earlier than 22.3R3-S1-EVO
• 22.4 versions earlier than 22.4R2-S2, 22.4R3-EVO
• 23.2 versions earlier than 23.2R1-S1, 23.2R2-EVO

An attacker could exploit this vulnerability and take control of the affected system.

Administrators are recommended to review their network for use of vulnerability Juniper Products and upgrade to latest releases.

Junos OS: 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S1, 22.4R2-S2, 22.4R3, 23.1R2, 23.2R1-S1, 23.2R2, 23.3R1, and all subsequent releases.

Junos OS Evolved: 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S3-EVO, 22.3R3-S1-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-S1-EVO, 23.2R2-EVO, 23.3R1-EVO, and all subsequent releases.