Juniper Networks Releases Critical Security Update for Routers


Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers.

The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity.

“An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device,” the company said in an advisory issued last week.

Read more…