Juniper Warns of Critical Authentication Bypass Vulnerability Affecting Multiple Products

Juniper Networks has issued an urgent security advisory addressing a critical API authentication bypass vulnerability (CVE-2025-21589) affecting its Session Smart Router, Session Smart Conductor, and WAN Assurance Managed Router product lines. Security teams must prioritize inventory audits using tools like Juniper HealthBot and implement Zero Trust Network Access (ZTNA) controls for management interfaces as interim measures while awaiting patch deployment. Juniper’s Security Incident Response Team (SIRT) confirms the vulnerability was discovered during internal fuzz testing of the gRPC-based management protocol, with no observed in-the-wild exploitation as of February 18, 2025. While patch application causes sub-30-second API management plane disruptions, data forwarding operations remain unaffected thanks to the separation of control and data planes in Juniper’s Session Smart architecture.

Affected configurations include Session Smart Router versions from 5.6.7 before 5.6.17, 6.0.8 through 6.1.12-lts, 6.2.8-lts, and 6.3.3-r2; Session Smart Conductor installations with equivalent version ranges; and WAN Assurance Managed Routers matching these parameters.

This cryptographic failure enables unauthorized access to the /api/v1/config endpoint, where attackers can deploy malicious routing policies or exfiltrate session keys through GET requests to /api/v1/system/security/keys. As enterprises accelerate SDN adoption, this incident reinforces the necessity of continuous API security validation through DAST (Dynamic Application Security Testing) and runtime protection mechanisms.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 18 Feb 2025 10:35:14 +0000


Cyber News related to Juniper Warns of Critical Authentication Bypass Vulnerability Affecting Multiple Products

Juniper Support Portal Exposed Customer Device Info - Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product's warranty ...
1 year ago Krebsonsecurity.com
Juniper warns of critical RCE bug in its firewalls and switches - Juniper Networks has released security updates to fix a critical pre-auth remote code execution vulnerability in its SRX Series firewalls and EX Series switches. Found in the devices' J-Web configuration interfaces and tracked as CVE-2024-21591, this ...
1 year ago Bleepingcomputer.com
CISA warns of actively exploited Juniper pre-auth RCE exploit chain - CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution attacks as part of a pre-auth exploit chain. The alert comes one week after Juniper updated its ...
1 year ago Bleepingcomputer.com
Passwordless Login: Effortless Authentication - Let's explore how passwordless login paves the way for seamless and secure user authentication, fostering trust and loyalty. The Password Dilemma Though conventional complex password-based authentication has long been a cornerstone of robust ...
1 year ago Feeds.dzone.com
Juniper patches critical auth bypass in Session Smart routers - "An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow a network-based attacker to bypass authentication and take administrative control of the device," the American networking ...
3 days ago Bleepingcomputer.com
Juniper releases out-of-cycle fix for max severity auth bypass flaw - Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. The security issue is tracked as ...
7 months ago Bleepingcomputer.com
What Is Kerberos Authentication?: Implementing Effective Security Protocols - Kerberos is a vital security protocol that any serious computer user must be familiar with. It is an open standard that provides a secure way of verifying the identity of user across multiple systems. The Kerberos authentication protocol is a ...
2 years ago Heimdalsecurity.com
VMWare discloses critical VCD Appliance auth bypass with no patch - VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. Cloud Director enables VMware admins to manage their organizations' cloud services as part of Virtual Data Centers. The auth ...
1 year ago Bleepingcomputer.com
How to Use Context-Based Authentication to Improve Security - One of the biggest security weak points for organizations involves their authentication processes. Context-based authentication offers an important tool in the battle against credential stuffing, man-in-the-middle attacks, MFA prompt bombing, and ...
1 year ago Securityboulevard.com
Zyxel warns of multiple critical vulnerabilities in NAS devices - Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage devices. Zyxel NAS systems are used for storing data ...
1 year ago Bleepingcomputer.com
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks - VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th. Cloud Director is a VMware platform that enables admins ...
1 year ago Bleepingcomputer.com
CISA: Critical Ivanti auth bypass bug now actively exploited - CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile and MobileIron Core device management software is now under active exploitation. Tracked as CVE-2023-35082, the flaw is a remote unauthenticated API ...
1 year ago Bleepingcomputer.com
Selecting an Authentication Protocol for Your Business - Authentication protocols serve as the backbone of online security, enabling users to confirm their identities securely and access protected information and services. The protocols exchange information to verify the validity of the authentication ...
10 months ago Darkreading.com
CVE-2022-22184 - An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received ...
2 years ago
CERT-UA warns of malware campaign conducted by threat actor UAC-0006 - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Recent DarkGate campaign exploited ...
8 months ago Securityaffairs.com
Protecting Networks from Opportunistic Ivanti Pulse Secure Vulnerability Exploitation - Juniper Threat Labs has been monitoring exploitation attempts targeting an Ivanti Pulse Secure authentication bypass with remote code execution vulnerabilities. We have observed instances of Mirai botnet delivery in the wild, using this exploit with ...
9 months ago Blogs.juniper.net
Hewlett Packard Enterprise Acquire Juniper Networks - HPE to acquire Juniper Networks for $14 billion in cash, in a move to bolster its AI networking credentials. Hewlett Packard Enterprise, a veteran of the tech industry, has confirmed a multi billion dollar acquisition of Juniper Networks. HPE ...
1 year ago Silicon.co.uk
Biometric Authentication in Business: Enhancing Security - With its high level of security, convenience, user-friendliness, and accuracy, biometric authentication is paving the way for the future of secure authentication in the business world. One of the primary advantages of implementing biometric ...
1 year ago Securityzap.com
Atlassian warns of exploit for Confluence data wiping bug, get patching - Atlassian warned admins that a public exploit is now available for a critical Confluence security flaw that can be used in data destruction attacks targeting Internet-exposed and unpatched instances. Tracked as CVE-2023-22518, this is an improper ...
1 year ago Bleepingcomputer.com
Citrix warns of new Netscaler zero-days exploited in attacks - Citrix urged customers on Tuesday to immediately patch Netscaler ADC and Gateway appliances exposed online against two actively exploited zero-day vulnerabilities. The two zero-days impact the Netscaler management interface and expose unpatched ...
1 year ago Bleepingcomputer.com
Critical bug in ownCloud file sharing app exposes admin passwords - Open source file sharing software ownCloud is warning of three critical-severity security vulnerabilities, including one that can expose administrator passwords and mail server credentials. OwnCloud is an open-source file sync and sharing solution ...
1 year ago Bleepingcomputer.com
Opening Statement by CISA Director Jen Easterly - Chairman Gallagher, Ranking Member Krishnamoorthi, Members of the Committee, thank you for the opportunity to testify on CISA's efforts to protect the Nation from the preeminent cyber threat posed by the People's Republic of China. As America's ...
1 year ago Cisa.gov
Critical Juniper Networks RCE bug impacts heaps of devices (The Register) - More than 11,500 Juniper Networks devices are exposed to a new remote code execution vulnerability, and infosec researchers are pressing admins to urgently apply the patches. It's somewhat of a repeat scenario for Juniper Networks, which only ...
1 year ago Go.theregister.com