Juniper Networks has admitted that it has discovered critical vulnerabilities in ScreenOS, the operating system for the company's NetScreen firewalls.

In an advisory note published on Thursday, Dec. 17, Juniper revealed that there were two security vulnerabilities.

What are the "unauthorized codes" capable of doing? The first vulnerability could allow an attacker to decrypt VPN traffic and, alarmingly, would leave no trace that this had happened. The second critical vulnerability allows an attacker to gain unauthorized remote administrative access to a device over telnet or SSH and compromise it.

Juniper discovered the spy code in its NetScreen firewall software during an internal code review.

"During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections. Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS," revealed Juniper's SVP Chief Information Officer Bob Worrall.

Who is impacted, you ask? NetScreen device users who run ScreenOS 6.2.0r15 to 6.2.0r18, as well as 6.3.0r12 to 6.3.0r20.
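For administrators with more than a handful of NetScreen devices, the first practical step is to check each device's ScreenOS version against the two affected ranges above. The following is an added example, not code from Juniper or from this article: it parses ScreenOS version strings of the form `major.minor.patch r release` (such as `6.3.0r19`), compares them against the inclusive ranges the advisory summary lists, and sorts a constructed inventory into affected, not affected, and unparseable buckets. The device names and the `SAMPLE_INVENTORY` mapping are constructed for illustration; any version string the regular expression does not recognise is routed to `unknown` for manual review rather than silently treated as safe.

```python
import re
from typing import Dict, List, NamedTuple, Tuple


class ScreenOSVersion(NamedTuple):
    """Numeric form of a ScreenOS version so that tuples compare lexicographically."""
    major: int
    minor: int
    patch: int
    release: int


# Accepts only the plain "M.m.p r N" form, e.g. "6.3.0r19".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)r(\d+)$")


def parse_version(text: str) -> ScreenOSVersion:
    """Parse a ScreenOS version string; raise ValueError for anything unexpected."""
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised ScreenOS version string: {text!r}")
    return ScreenOSVersion(*(int(g) for g in match.groups()))


# Inclusive affected ranges as given in the advisory summary above.
# Each range keeps major.minor.patch fixed, so a plain tuple comparison on
# (major, minor, patch, release) is sufficient to test membership.
AFFECTED_RANGES: Tuple[Tuple[ScreenOSVersion, ScreenOSVersion], ...] = (
    (parse_version("6.2.0r15"), parse_version("6.2.0r18")),
    (parse_version("6.3.0r12"), parse_version("6.3.0r20")),
)


def is_affected(version: str) -> bool:
    """True if the version falls inside one of the listed affected ranges."""
    v = parse_version(version)
    return any(low <= v <= high for low, high in AFFECTED_RANGES)


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Split {device_name: version} into affected / not_affected / unknown lists.

    Unparseable versions land in "unknown" so they are reviewed by hand
    instead of being mistaken for patched devices.
    """
    result: Dict[str, List[str]] = {"affected": [], "not_affected": [], "unknown": []}
    for name, ver in inventory.items():
        try:
            bucket = "affected" if is_affected(ver) else "not_affected"
        except ValueError:
            bucket = "unknown"
        result[bucket].append(name)
    return result


# Constructed sample inventory (hypothetical device names and versions).
SAMPLE_INVENTORY: Dict[str, str] = {
    "fw-edge-01": "6.3.0r19",   # inside 6.3.0r12..r20
    "fw-edge-02": "6.3.0r21",   # outside the listed range
    "fw-dc-01": "6.2.0r15",     # lower boundary of 6.2.0r15..r18
    "fw-dc-02": "6.2.0r14",     # just below the 6.2 range
    "fw-lab-01": "6.3.0r12-custom",  # non-standard string -> manual review
}


if __name__ == "__main__":
    for bucket, names in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(names) if names else '-'}")
```

Because each listed range shares the same `major.minor.patch`, the tuple comparison cannot accidentally match a release from a different branch (for example `6.2.0r19` is rejected by both ranges); if a future advisory listed a range spanning branches, the check would need to be split per branch.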

The vendor's release notes suggest that the earliest vulnerable version dates back to 2012. The unauthorized code could potentially have been present since 2008, because Juniper's notice says the problem affects ScreenOS 6.2, which was released that year.

How the spy code was inserted into Juniper's operating system remains unknown. Juniper says that, although it has received no reports of the vulnerabilities being exploited, it recommends that users update their systems and apply the patched releases immediately.

Juniper has not determined whether devices running Junos (including SRX) are also affected by the "unauthorized code" vulnerability.

The company has released patches to resolve the issue. Patched versions of ScreenOS can be downloaded now from this link.

Photo: Mark Doliner | Flickr
