CVE-2023-28975

Summary

An Unexpected Status Code or Return Value vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS). When certain USB devices are connected to a USB port of the routing-engine (RE), the kernel will crash leading to a reboot of the device. The device will continue to crash as long as the USB device is connected. This issue affects Juniper Networks Junos OS: All versions prior to 19.4R3-S10; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2, 22.2R3; 22.3 versions prior to 22.3R1-S1, 22.3R2; 22.4 versions prior to 22.4R2.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OSunspecified < 19.4R3-S10affected
Juniper NetworksJunos OS20.2 < 20.2R3-S7affected
Juniper NetworksJunos OS20.3 < 20.3R3-S6affected
Juniper NetworksJunos OS20.4 < 20.4R3-S5affected
Juniper NetworksJunos OS21.1 < 21.1R3-S4affected
Juniper NetworksJunos OS21.2 < 21.2R3-S4affected
Juniper NetworksJunos OS21.3 < 21.3R3-S3affected
Juniper NetworksJunos OS21.4 < 21.4R3-S2affected
Juniper NetworksJunos OS22.1 < 22.1R2-S2, 22.1R3affected
Juniper NetworksJunos OS22.2 < 22.2R2affected
Juniper NetworksJunos OS22.3 < 22.3R1-S1, 22.3R2affected
Juniper NetworksJunos OS22.4 < 22.4R2affected

Weaknesses

  • CWE-394: CWE-394 Unexpected Status Code or Return Value
  • Denial of Service (DoS)

Workarounds

To reduce the risk of exploitation utilize common security BCPs to limit physical access to the devices..

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References