CVE-2024-39520

Name of the Vulnerable Software and Affected Versions Junos OS Evolved versions prior to 20.4R3-S6-EVO Junos OS Evolved versions 21.2-EVO prior to 21.2R3-S4-EVO Junos OS Evolved versions 21.4-EVO prior to 21.4R3-S6-EVO Junos OS Evolved versions 22.2-EVO prior to 22.2R2-S1-EVO Junos OS Evolved versions 22.2-EVO prior to 22.2R3-EVO Junos OS Evolved versions 22.3-EVO prior to 22.3R2-EVO

Description The issue exists due to the improper neutralization of special elements used in the command-line interface (CLI) of Junos OS Evolved. This allows a local, authenticated attacker with low privileges to escalate their privileges to 'root', leading to a full compromise of the system. The Junos OS Evolved CLI does not properly handle command options in some cases, allowing users to execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on the shell level.

Recommendations For versions prior to 20.4R3-S6-EVO, update to version 20.4R3-S6-EVO or later. For versions 21.2-EVO prior to 21.2R3-S4-EVO, update to version 21.2R3-S4-EVO or later. For versions 21.4-EVO prior to 21.4R3-S6-EVO, update to version 21.4R3-S6-EVO or later. For versions 22.2-EVO prior to 22.2R2-S1-EVO, update to version 22.2R2-S1-EVO or later. For versions 22.2-EVO prior to 22.2R3-EVO, update to version 22.2R3-EVO or later. For versions 22.3-EVO prior to 22.3R2-EVO, update to version 22.3R2-EVO or later.