CVE-2022-22238 is a vulnerability identified in the routing protocol daemon (rpd) component of Juniper Networks Junos OS and Junos OS Evolved. The flaw stems from an improper check for unusual or exceptional conditions (CWE-754) when processing incoming RESV messages related to protected Label Switched Paths (LSPs). Specifically, if an unauthenticated attacker on an adjacent network sends a malformed RESV message corresponding to a protected LSP, it triggers an incorrect internal state within the rpd process, causing it to crash and generate a core dump. This results in a Denial of Service (DoS) condition, disrupting routing operations on the affected device. The vulnerability affects a broad range of Junos OS versions prior to various patch releases starting from 19.2R3-S6 through 21.3R2, and similarly for Junos OS Evolved versions prior to 20.2R3-S3-EVO and others as detailed. The CVSS v3.1 base score is 5.3 (medium severity), with the vector indicating that the attack requires adjacent network access (AV:A), high attack complexity (AC:H), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), no confidentiality or integrity impact (C:N/I:N), but high impact on availability (A:H). No known exploits are reported in the wild to date. This vulnerability can cause service disruption on critical network infrastructure devices running Junos OS, potentially affecting network stability and availability.

For European organizations, especially those operating large-scale networks, ISPs, telecom providers, and enterprises relying on Juniper Networks infrastructure, this vulnerability poses a risk of network outages due to DoS conditions on routing devices. The rpd daemon is critical for routing protocol operations; its crash can lead to loss of routing information, traffic blackholing, or network partitioning until the device recovers or is manually restarted. This can impact business continuity, degrade service quality, and cause cascading failures in interconnected networks. Given the medium CVSS score and the requirement for adjacent network access, the threat is more pronounced in environments where attackers can gain access to the same Layer 2 or Layer 3 segment, such as data centers, campus networks, or poorly segmented WANs. The lack of confidentiality or integrity impact limits data breach risks, but availability disruption can affect critical services, including financial transactions, communications, and industrial control systems prevalent in Europe. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits over time.

European organizations should prioritize patching affected Junos OS and Junos OS Evolved devices with the vendor-released updates starting from the specified fixed versions (e.g., 19.2R3-S6 and later). Network segmentation should be enforced to limit adjacency of untrusted devices to critical routing infrastructure, minimizing the attack surface. Implement strict ingress filtering and validation of routing protocol messages where possible to detect and block malformed RESV messages. Monitoring and alerting on rpd process crashes or core dumps can provide early warning of exploitation attempts. Employ network access controls to restrict who can send routing protocol messages, including use of authentication mechanisms supported by Junos OS. Regularly review and update network device configurations to adhere to security best practices. In environments where immediate patching is not feasible, consider temporary mitigations such as isolating vulnerable devices or disabling affected features if operationally acceptable. Coordination with Juniper Networks support for guidance and timely updates is recommended.