CVE-2021-0223

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 15.1R7-S9 Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S11 Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S12, 17.4R3-S3 Juniper Networks Junos OS 18.1 versions prior to 18.1R3-S11 Juniper Networks Junos OS 18.2 versions prior to 18.2R3-S6 Juniper Networks Junos OS 18.3 versions prior to 18.3R2-S4, 18.3R3-S4 Juniper Networks Junos OS 18.4 versions prior to 18.4R2-S7, 18.4R3-S6 Juniper Networks Junos OS 19.1 versions prior to 19.1R2-S2, 19.1R3-S4 Juniper Networks Junos OS 19.2 versions prior to 19.2R1-S6, 19.2R3-S1 Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S1 Juniper Networks Junos OS 19.4 versions prior to 19.4R2-S2, 19.4R3 Juniper Networks Junos OS 20.1 versions prior to 20.1R1-S4, 20.1R2 Juniper Networks Junos OS 20.2 versions prior to 20.2R2

Description A local privilege escalation issue in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary commands as root. telnetd.real is shipped with setuid permissions enabled and is owned by the root user, allowing local users to run telnetd.real with root privileges.

Recommendations For Juniper Networks Junos OS versions prior to 15.1R7-S9, update to version 15.1R7-S9 or later. For Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S11, update to version 17.3R3-S11 or later. For Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S12, 17.4R3-S3, update to version 17.4R2-S12 or 17.4R3-S3 or later. For Juniper Networks Junos OS 18.1 versions prior to 18.1R3-S11, update to version 18.1R3-S11 or later. For Juniper Networks Junos OS 18.2 versions prior to 18.2R3-S6, update to version 18.2R3-S6 or later. For Juniper Networks Junos OS 18.3 versions prior to 18.3R2-S4, 18.3R3-S4, update to version 18.3R2-S4 or 18.3R3-S4 or later. For Juniper Networks Junos OS 18.4 versions prior to 18.4R2-S7, 18.4R3-S6, update to version 18.4R2-S7 or 18.4R3-S6 or later. For Juniper Networks Junos OS 19.1 versions prior to 19.1R2-S2, 19.1R3-S4, update to version 19.1R2-S2 or 19.1R3-S4 or later. For Juniper Networks Junos OS 19.2 versions prior to 19.2R1-S6, 19.2R3-S1, update to version 19.2R1-S6 or 19.2R3-S1 or later. For Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S1, update to version 19.3R3-S1 or later. For Juniper Networks Junos OS 19.4 versions prior to 19.4R2-S2, 19.4R3, update to version 19.4R2-S2 or 19.4R3 or later. For Juniper Networks Junos OS 20.1 versions prior to 20.1R1-S4, 20.1R2, update to version 20.1R1-S4 or 20.1R2 or later. For Juniper Networks Junos OS 20.2 versions prior to 20.2R2, update to version 20.2R2 or later. As a temporary workaround, consider disabling the telnetd.real component until a patch is available.