CVE-2019-0058

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 12.3X48-D80 on SRX Series.

Description A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allows an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue is related to inadequate access control in the Veriexec subsystem.

Recommendations For Juniper Networks Junos OS versions prior to 12.3X48-D80 on SRX Series, update to version 12.3X48-D80 or later to resolve the issue. As a temporary workaround, consider restricting access to the Veriexec subsystem to minimize the risk of exploitation.