Software vulnerabilities are everywhere, meaning they can be found not only in lesser products (weakly coded third-party apps or software lacking a proper security standard) but they can be found in any software product belonging to any software vendor out there. Case in point, recent news has seen a slew of vulnerabilities in products belonging to established leaders in IT, telecommunications, and networking. A good example of just how important it is in the IT industry to iron out software vulnerabilities often called ‘bugs’, is when half-million-dollar bounties are offered to specialists who can find them.
These ‘bugs’ are what can cause big problems when cybercriminals choose to exploit them on a vulnerable (unpatched) system. To put this into perspective by borrowing a paragraph from The Scientific American, “Software development is not a perfect process. Programmers often work on timelines set by management teams that attempt to set reasonable goals, though it can be a challenge to meet those deadlines. As a result, developers do their best to design secure products as they progress but may not be able to identify all flaws before an anticipated release date.”
Software security flaws affect every industry out there that operates in the digital realm or holds data there. This can be anything from consulting to network asset management. This time, news has been released detailing a shocking 35 vulnerabilities found in American network asset management giant Juniper‘s Junos Space product. The Junos Space product is one of Juniper’s most widely used products. Juniper Networks products are also used by U.S. government institutions that make over 1 billion dollars in revenue and employ over 10,000 people.
The Junos Space Network Management Platform is a ‘centralized’ platform that manages network devices. It works with Juniper’s management applications to simplify and automate the management of several ‘switching, routing and security devices.’ Junos Space is a comprehensive solution that improves scaling operations, reduces complexity, and is a unified product that makes deploying new services more efficient.
Juniper Junos Space Vulnerability
On August 17th, 2021 a report was released on Juniper’s Info Center web page describing multiple vulnerabilities in their Junos Space network management platform product. A total of 35 software vulnerabilities have been discovered, of which 5 have been exploited publicly, so far.
Below are the CVE (Common Vulnerabilities and Exposures) ID codes for each of the 35 vulnerabilities. The CVE ID codes are ascribed to each vulnerability, more details are given below;
Here is a summary of the shared issues among the vulnerabilities found; out-of-bounds write, buffer over-read, out-of-bounds read, buffer overflows, file and directory access bugs, null pointer dereference, use-after-free memory flaws, elevation of privilege flaw, improper privilege management, assertion failures, ICMP packet security flaws, memory resource flaws, Java coding flaws, encoding flaws, kernel pointer leaks.
Of the 35 exploits found, 5 of them have a public exploit. Here are the details;
- CVE-2020-1472 (Critical risk)
- CVE-2020-1983 (Medium risk)
- CVE-2020-1971 (Medium risk)
- CVE-2020-14364 (Medium risk)
- CVE-2020-25705 (Medium risk)
To summarize, these vulnerabilities have the following issues; access, permission and privilege, use-after-free, NULL pointer dereference, out-of-bounds write and finally use of insufficiently random values.
Important User Information
All of the security flaws discovered above in Junos Space can lead to potential dangers from remote cybercriminals such as; execution of arbitrary code, denial of service attacks, unprivileged user access, remote access to critical data, system crashes, and privilege escalation.
It is highly recommended that users update their Junos Space versions if they are using version 21.2R1 or earlier here. Juniper also recommends the following; “To reduce the risk of exploitation of these issues, use access lists or firewall filters to limit access to the device to only trusted administrative networks, hosts and users.”