CVE-2024-47501 in Junos OS
Summary
by MITRE • 10/11/2024
A NULL Pointer Dereference vulnerability in the
packet forwarding engine (pfe) of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS).
In a VPLS or Junos Fusion scenario, the execution of specific show commands will cause all FPCs hosting VPLS sessions or connecting to satellites to crash and restart.
This issue affects Junos on MX304, MX with MPC10/11/LC9600 and EX9200 with EX9200-15C:
* All version before 21.2R3-S1, * 21.3 versions before 21.3R3, * 21.4 versions before 21.4R2.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 01/26/2026
This vulnerability represents a critical null pointer dereference flaw within the packet forwarding engine of Juniper Networks Junos OS affecting specific hardware platforms including MX304, MX series with MPC10/11/LC9600, and EX9200 with EX9200-15C devices. The issue stems from improper validation of pointer references during packet processing operations, creating a condition where a null pointer is accessed when executing specific show commands in VPLS or Junos Fusion environments. This fundamental programming error allows a locally authenticated attacker with minimal privileges to trigger system instability through legitimate administrative commands, demonstrating a clear weakness in input validation and memory management practices.
The technical exploitation of this vulnerability occurs when administrators execute certain show commands within VPLS or Junos Fusion contexts, which causes the packet forwarding engine to attempt accessing a null pointer reference in the forwarding process. This results in immediate system termination and subsequent automatic restart of all Forwarding Processing Cards (FPCs) that host VPLS sessions or maintain connections to satellite devices. The cascading effect of these restarts creates widespread service disruption across the affected network infrastructure, as multiple FPCs simultaneously fail and recover, leading to temporary loss of forwarding capabilities and potential disruption of customer traffic.
The operational impact of this vulnerability extends beyond simple service interruption to encompass significant reliability concerns for network infrastructure. The DoS condition affects not just individual devices but entire network domains when multiple FPCs fail simultaneously, creating potential for extended service degradation and increased operational overhead for network administrators. This vulnerability particularly impacts service provider networks where VPLS and Junos Fusion deployments are common, as these technologies rely heavily on consistent forwarding engine performance to maintain service level agreements. The timing of the crash and restart cycle can also affect network convergence times and potentially create routing instabilities during the recovery phase.
Organizations affected by this vulnerability should immediately implement mitigation strategies including applying the relevant Juniper security patches and updates as recommended in their official security advisories. Network administrators should also consider implementing command filtering or access control measures to restrict execution of potentially problematic show commands until proper patches are deployed. The vulnerability aligns with CWE-476 which specifically addresses null pointer dereference conditions, and represents a clear violation of secure coding practices that should be prevented through proper input validation and null pointer checking mechanisms. From an ATT&CK framework perspective, this vulnerability maps to privilege escalation and denial of service tactics, potentially enabling attackers to disrupt network operations and gain leverage for further exploitation attempts.
This vulnerability demonstrates the critical importance of proper memory management and input validation in network operating systems, particularly in high-availability environments where device stability directly impacts service delivery. The fact that this affects multiple hardware generations within the Juniper MX and EX product lines indicates a systemic issue within the packet forwarding engine implementation that requires comprehensive code review and testing. Network security teams should conduct thorough vulnerability assessments of their Junos OS deployments to identify all affected devices and prioritize patching activities based on network criticality and service dependencies. The remediation process should include not only software updates but also verification procedures to ensure that the specific null pointer dereference conditions have been properly addressed in the updated code implementations.