CVE-2020-1681

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 20.1R2-EVO

Description The issue occurs when parsing a specifically malformed NDP packet sent from the local area network to a device running Juniper Networks Junos OS Evolved, causing the ndp process to crash and resulting in a Denial of Service (DoS). The process automatically restarts without intervention. A continuous receipt of the malformed NDP packets could lead to an extended Denial of Service condition, affecting IPv6 neighbor learning. Exploitation of this issue is limited to a temporary denial of service and cannot be leveraged to cause additional impact on the system. This issue is limited to the processing of IPv6 NDP packets and does not affect IPv4 packet processing.

Recommendations For Juniper Networks Junos OS Evolved versions prior to 20.1R2-EVO, update to version 20.1R2-EVO or later to resolve the issue. As a temporary workaround, consider implementing measures to block or restrict the receipt of malformed NDP packets to minimize the risk of exploitation.