Vulnerability identifier: #VU10149

Vulnerability risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0008

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Juniper Junos OS
Operating systems & Components / Operating system

Vendor: Juniper Networks, Inc.

Description
The vulnerability allows a physically local attacker to gain elevated privileges on the target system.

The weakness exists due to improper access and privileges controls. A physically local attacker on the console can gain root access without authenticating after an authenticated administrator has run a commit script containing certain instructions and the system reboots into a "safe mode" authentication state.

Mitigation
The vulnerability is addressed in the following versions: 12.1X46-D71, 12.3X48-D55, 14.1R9, 14.1X53-D40, 14.2R7-S9, 14.2R8, 15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6, 15.1X49-D110, 15.1X53-D49, 15.1X53-D470, 15.1X53-D232, 15.1X53-D65, 16.1R2, 16.2R1.

Vulnerable software versions

Juniper Junos OS: 12.1 - 12.1x48, 12.1x44, 12.1x45, 12.1x46 - 12.1X46-D67, 12.1x47, 12.2 - 12.2x65, 12.3 - 12.3x50, 14.1 - 14.1x51, 14.1x53 - 14.1X53-D122, 14.1x55, 14.2 - 14.2R8, 15.1 - 15.1R7, 16.1, 12.3x48 - 12.3X48-D55, 15.1F2 - 15.1F6-S7, 15.1X49 - 15.1X49-D100, 15.1X53 - 15.1X53-D231

---

External links
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10835

---

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.