PT-2020-4095 · Juniper Networks · Srx Series+1

Published: 2020-04-08 · Updated: 2021-11-22 · CVE-2020-1634

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 12.3X48-D80 through 12.3X48-D95 on High-End SRX Series
Description: On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core, causing all FPCs in a chassis to reset and resulting in a Denial of Service. This issue affects both IPv4 and IPv6. The problem is due to insufficient input validation.
Recommendations: For Juniper Networks Junos OS versions 12.3X48-D80 through 12.3X48-D95 on High-End SRX Series, update to version 12.3X48-D95 or later to resolve the issue. As a temporary workaround, consider restricting the reception of genuine multicast traffic to minimize the risk of exploitation.

Fix

DoS

Integer Overflow

RCE

Weakness Enumeration

Related Identifiers

BDU:2020-04495
CVE-2020-1634

Affected Products

Junos
Srx Series