Sponsored By

Juniper Warns of 'Unauthorized Code' on Its FirewallsJuniper Warns of 'Unauthorized Code' on Its Firewalls

Code could allow attackers to gain administrative access and decrypt VPN connections.

Mitch Wagner

December 18, 2015

2 Min Read
Juniper Warns of 'Unauthorized Code' on Its Firewalls

Juniper is warning of unauthorized code in ScreenOS, the operating system for its NetScreen firewalls, that could allow attackers to gain administrative access and decrypt VPN connections.

"During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections," Bob Worrall, Juniper Networks Inc. (NYSE: JNPR)'s SVP and CIO, said on the Juniper support forums Thursday.

"At this time, we have not received any reports of these vulnerabilities being exploited; however, we strongly recommend that customers update their systems and apply the patched releases with the highest priority," Worrall said.

The vulnerability affects NetScreen devices using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20.

Want to know more about security? Visit Light Reading's security content channel. Juniper found no evidence SRX or other Junos devices were affected, Worrall said. Juniper declined to comment on how the code got into ScreenOS. A 2013 article in Der Spiegel said the NSA was able to break Juniper firewalls, along with "nearly all the security architecture made by the major players in the industry," including Cisco Systems Inc. (Nasdaq: CSCO), Huawei Technologies Co. Ltd. and Dell Technologies (Nasdaq: DELL) Related posts: Polymorphic Attacks Reshape Security Landscape Juniper Boosts Router Automation & Performance Juniper Bets Big on White Box & NFV AT&T's Spying Activities Risk Backlash Verizon Responds to German Spying Concerns NSA Reportedly Spying on Huawei: What's Chinese for 'Ironic'? Huawei Names US Lead, Reminds Us It's Still Here — Mitch Wagner, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profileFollow me on Facebook, West Coast Bureau Chief, Light Reading. Got a tip about SDN or NFV? Send it to [email protected].

About the Author(s)

Mitch Wagner

Executive Editor, Light Reading

San Diego-based Mitch Wagner is many things. As well as being "our guy" on the West Coast (of the US, not Scotland, or anywhere else with indifferent meteorological conditions), he's a husband (to his wife), dissatisfied Democrat, American (so he could be President some day), nonobservant Jew, and science fiction fan. Not necessarily in that order.

He's also one half of a special duo, along with Minnie, who is the co-habitor of the West Coast Bureau and Light Reading's primary chewer of sticks, though she is not the only one on the team who regularly munches on bark.

Wagner, whose previous positions include Editor-in-Chief at Internet Evolution and Executive Editor at InformationWeek, will be responsible for tracking and reporting on developments in Silicon Valley and other US West Coast hotspots of communications technology innovation.

Beats: Software-defined networking (SDN), network functions virtualization (NFV), IP networking, and colored foods (such as 'green rice').

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like