Rewterz Threat Alert – Malvertising Campaign Delivers Trojanized PyCharm Software via Google Search Ads – Active IOCs
November 2, 2023Rewterz Threat Alert – Donot APT Group – Active IOCs
November 2, 2023Rewterz Threat Alert – Malvertising Campaign Delivers Trojanized PyCharm Software via Google Search Ads – Active IOCs
November 2, 2023Rewterz Threat Alert – Donot APT Group – Active IOCs
November 2, 2023Severity
Medium
Analysis Summary
CVE-2023-28975 CVSS:5.4
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an unexpected status code or return value flaw in the kernel. By using a specially crafted USB device, a physical attacker could exploit this vulnerability to cause the kernel to crash, and results in a denial of service condition.
CVE-2023-28964 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper handling of length parameter inconsistency vulnerability in the routing protocol daemon (rpd). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause an RPD crash.
CVE-2023-28974 CVSS:7.4
Juniper Networks Junos OS is vulnerable to a denial of service, caused by improper check for unusual or exceptional conditions flaw in the bbe-smgd process. By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause the bbe-smgd process to crash, and results in a denial of service condition.
CVE-2023-28968 CVSS:5.3
Juniper Networks Junos OS could allow a remote attacker to bypass security restrictions, caused by an improperly controlled sequential memory allocation vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to stop the JDPI-Decoder from identifying dynamic application traffic.
CVE-2023-28970 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper check or handling of exceptional conditions vulnerability in packet processing on the network interfaces. By sending a specific packet, a remote attacker could exploit this vulnerability to cause a kernel crash.
CVE-2023-28967 CVSS:7.5
Juniper Networks Junos OS and Junos OS Evolved is vulnerable to a denial of service, caused by an use of uninitialized resource vulnerability in the Border Gateway Protocol (BGP) software. By send specific genuine BGP packets, a remote attacker could exploit this vulnerability to crash the Routing Protocol Daemon (rpd).
CVE-2023-28983 CVSS:8.8
Juniper Networks Junos OS Evolved could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in gRPC Network Operations Interface (gNOI) server module. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-28978 CVSS:5.3
Juniper Networks Junos OS Evolved could allow a remote attacker to obtain sensitive information, caused by an insecure default initialization of resource vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-28972 CVSS:6.8
Juniper Networks Junos OS could allow a local attacker to bypass security restrictions, caused by an improper link resolution before file access vulnerability in console port access. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass console access controls.
CVE-2023-36851 CVSS:5.3
Juniper Networks Junos OS could allow a remote attacker to bypass security restrictions, caused by a missing authentication for critical function flaw. By sending a specially crafted request to the webauth_operation.php script file, an attacker could exploit this vulnerability to upload arbitrary files.
CVE-2023-36840 CVSS:5.4
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an unexpected status code or return value flaw in the kernel. By using a specially crafted USB device, a physical attacker could exploit this vulnerability to cause the kernel to crash, and results in a denial of service condition.
CVE-2023-36834 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an incomplete internal state distinction vulnerability in the packet forwarding engine (PFE). By sending a specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-36835 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in the Packet Forwarding Engine (PFE). By sending a specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-36833 CVSS:6.5
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an use-after -free vulnerability in the packet forwarding engine (PFE). By sending a specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-36850 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper validation of specified index, position, or offset in Input vulnerability in the Connectivity Fault Management(CFM) module. By sending a specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-28959 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper check or handling of exceptional conditions vulnerability in packet processing. By sending a malformed packet, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-28979 CVSS:4.7
Juniper Networks Junos OS could allow a remote attacker to bypass security restrictions, caused by improper check for unusual or exceptional conditions in the kernel. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass an integrity check.
CVE-2023-28976 CVSS:8.6
Juniper Networks Junos OS is vulnerable to a denial of service, caused by improper check for unusual or exceptional conditions flaw in the packet forwarding engine (PFE). By sending specially crafted network traffic, a remote attacker could exploit this vulnerability to cause PFE to crash and restart, and results in a denial of service condition.
CVE-2023-28973 CVSS:7.1
Juniper Networks Junos OS Evolved could allow a local authenticated attacker to bypass security restrictions, caused by an improper authorization vulnerability in the ‘sysmanctl’ shell command. By sending a specially crafted request, an attacker could exploit this vulnerability to execute administrative commands.
CVE-2023-28960 CVSS:7.5
Juniper Networks Junos OS Evolved could allow a local authenticated attacker to bypass security restrictions, caused by an incorrect permission assignment for critical resource flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to inject files into Docker containers.
CVE-2023-28984 CVSS:5.4
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an unexpected status code or return value flaw in the kernel. By using a specially crafted USB device, a physical attacker could exploit this vulnerability to cause the kernel to crash, and results in a denial of service condition.
CVE-2023-28985 CVSS:7.5
Juniper Networks SRX Series and MX Series are vulnerable to a denial of service, caused by an improper validation of syntactic correctness of input vulnerability in Intrusion Detection and Prevention (IDP). By sending a specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
- Security Bypass
- Gain Access
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-28975
- CVE-2023-28964
- CVE-2023-28974
- CVE-2023-28968
- CVE-2023-28970
- CVE-2023-28967
- CVE-2023-28983
- CVE-2023-28978
- CVE-2023-28972
- CVE-2023-36851
- CVE-2023-36840
- CVE-2023-36834
- CVE-2023-36835
- CVE-2023-36833
- CVE-2023-36850
- CVE-2023-28959
- CVE-2023-28979
- CVE-2023-28976
- CVE-2023-28973
- CVE-2023-28960
- CVE-2023-28984
- CVE-2023-28985
Affected Vendors
Juniper
Affected Products
- Juniper Networks Junos OS
- Juniper Networks MX Series
- Juniper Networks Junos OS Evolved
- Juniper Networks SRX Series
- Juniper Networks EX Series
- Juniper Networks QFX Series
- Juniper Networks Junos OS 21.1
- Juniper Networks Junos OS 21.2
- Juniper Networks Junos OS 21.3
- Juniper Networks Junos OS 21.4
- Juniper Networks Junos OS 22.1
- Juniper Networks Junos OS 22.2
- Juniper Networks Junos OS 22.3
- Juniper Networks Junos OS 22.4
- Juniper Networks Junos OS 23.2
- Juniper Networks Junos OS 19.4
- Juniper Networks Junos OS 20.1
- Juniper Networks Junos OS 20.2
- Juniper Networks Junos OS 20.3
- Juniper Networks Junos OS 20.4
- Juniper Networks Junos OS Evolved 20.4
- Juniper Networks Junos OS Evolved 21.2
- Juniper Networks Junos OS Evolved 21.3
- Juniper Networks Junos OS Evolved 21.4
- Juniper Networks Junos OS Evolved 22.1
- Juniper Networks Junos OS Evolved 22.2
- Juniper Networks Junos OS Evolved 22.3
Remediation
Refer to Juniper Networks Security Advisory for patch, upgrade or suggested workaround information.