CVE-2023-28975 : What You Need to Know
# CVE-2023-28975: Vulnerability in Juniper Networks Junos OS allows DoS attack via USB devices. Impact, affected versions, and mitigation steps detailed.
An Unexpected Status Code or Return Value vulnerability has been identified in Juniper Networks Junos OS. This vulnerability allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS) by crashing the kernel. The issue occurs when certain USB devices are connected to a USB port of the routing-engine (RE), resulting in the kernel crashing and causing the device to continuously reboot as long as the USB device is connected. This vulnerability affects various versions of Junos OS prior to specific releases.
Understanding CVE-2023-28975
This section delves into the details of the CVE-2023-28975 vulnerability in Juniper Networks Junos OS.
What is CVE-2023-28975?
The CVE-2023-28975 vulnerability in Junos OS involves an Unexpected Status Code or Return Value issue that allows an attacker with physical access to the device to trigger a DoS attack by causing the kernel to crash when certain USB devices are connected.
The Impact of CVE-2023-28975
The impact of this vulnerability is significant as it can lead to a Denial of Service condition on affected Junos OS devices, disrupting their normal operation and potentially causing downtime.
Technical Details of CVE-2023-28975
This section provides insights into the technical aspects of CVE-2023-28975, including vulnerability description, affected systems, and exploitation mechanism.
Vulnerability Description
The vulnerability in Junos OS results in a kernel crash when specific USB devices are connected, leading to a continuous reboot loop and device instability.
Affected Systems and Versions
Juniper Networks Junos OS versions prior to the following are affected:
- 19.4R3-S10
- 20.2R3-S7
- 20.3R3-S6
- 20.4R3-S5
- 21.1R3-S4
- 21.2R3-S4
- 21.3R3-S3
- 21.4R3-S2
- 22.1R2-S2, 22.1R3
- 22.2R2, 22.2R3
- 22.3R1-S1, 22.3R2
- 22.4R2
Exploitation Mechanism
The vulnerability can be exploited by an attacker with physical access to the device by connecting certain USB devices to trigger the kernel crash.
Mitigation and Prevention
To address CVE-2023-28975, certain steps can be taken to mitigate the risks associated with this vulnerability.
Immediate Steps to Take
Utilize common security Best Current Practices (BCPs) to limit physical access to the devices and reduce the risk of exploitation.
Long-Term Security Practices
Implement strict physical security measures to prevent unauthorized access to devices hosting Juniper Networks Junos OS.
Patching and Updates
Juniper Networks has released updated software versions to address this specific vulnerability. It is recommended to update to the following releases or subsequent versions:
- 19.4R3-S10
- 20.2R3-S7
- 20.3R3-S6
- 20.4R3-S5
- 21.1R3-S4
- 21.2R3-S4
- 21.3R3-S3
- 21.4R3-S2
- 22.1R2-S2, 22.1R3
- 22.2R2
- 22.3R1-S1, 22.3R2
- 22.4R2
- 23.1R1, and all subsequent releases.