Juniper Junos OS: 2021-04 Security Bulletin: Junos OS: Multiple Local Privilege Escalation vulnerabilities in SUID binaries (JSA11175) (multiple CVEs)
Description
Multiple local privilege escalation vulnerabilities in Juniper Networks Junos OS have been reported due to the setuid bit being enabled on several binaries. These binaries will run as the owner of the executable (typically “root”) and inherit their privileges. This may allow a locally authenticated user with shell access the ability to disclose sensitive information or execute arbitrary commands as root.
Solution(s)
juniper-junos-os-upgrade-latest
Referenceshttps://attackerkb.com/topics/cve-2021-0255CVE - 2021-0255CVE - 2021-0256JSA11175