Orangecertcc

**Name of the Vulnerable Software and Affected Versions:** Juniper Networks Junos OS versions 23.2 through 23.2R2-S4 Juniper Networks Junos OS versions 23.4 through 23.4R2-S5 Juniper Networks Junos OS versions 24.2 through 24.2R2-S1 Juniper Networks Junos OS versions 24.4 through 24.4R1-S3 Juniper Networks Junos OS version 24.4R2 **Description:** An incorrect permission assignment for a critical resource in line card script processing allows a local, low-privileged user to install scripts that are executed as root, leading to privilege escalation. A local user with access to the local file system can copy a script to the router in a way that will be executed as root during system boot. Execution of the script as root can lead to complete system control. This issue affects specific line cards, including the MPC10, MPC11, LC4800, LC9600, MX304-LMIC16, SRX4700, and EX9200-15C. **Recommendations:** Juniper Networks Junos OS versions prior to 23.2R2 should be upgraded. Juniper Networks Junos OS versions prior to 23.4R2-S5 should be upgraded. Juniper Networks Junos OS versions prior to 24.2R2-S1 should be upgraded. Juniper Networks Junos OS versions prior to 24.4R1-S3 and 24.4R2 should be upgraded.