Juniper Networks incorporated announced on December seventeen two thousand fifteen, that they found a backdoor code vulnerability in their firewalls. Knowledgeable attackers could potentially gain administrative access remotely using Juniper’s Netscreen firewalls and decrypt virtual private network connections. Juniper Networks incorporated has since released a critical patch update.
These patch updates have been released for Screen operating system, which is Juniper’s firewall software. Juniper Networks claim they found this backdoor security flaw through an internal code review. Juniper Networks recommends their customers install recently released patch updates. Also, Juniper Networks claims they know of no known exploitations from this security risk.
Bob Worrall Juniper Networks’ senior vice president and chief information officer was quoted as saying:
“On behalf of the entire Juniper Security Response Team, please know that we take this matter very seriously and are making every effort to address these issues. More information and guidance on applying this update to systems can be found in the Juniper Security Advisories (JSAs) available on our Security Incident Response website at http://advisory.juniper.net.”
All NetScreen devices using Screen operating system 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected and require installation of released patch software updates. This security backdoor vulnerability only affects Juniper Networks Screen operating system software. You can check out Juniper Network’s security announcement for more information.
A user could potentially gain administrative access remotely with secure shell or telnet terminal connections. Also, a user could potentially monitor virtual private network traffic with encryption. Both issues are independent from each other.
This Juniper security bulletin addresses more technical information about both of these potential backdoor security flaws.
Juniper Networks Finds Backdoor Vulnerability in Their Firewalls Video Transcript
0:01
jimbo networks finds backdoor
0:04
vulnerability in their firewalls Juniper
0:07
Networks incorporate announced on
0:08
December 17 2015 that they found a back
0:10
door code vulnerability in their
0:12
firewalls knowledgeable attackers could
0:15
potentially gain administrative access
0:17
remotely via junipers netscreen
0:19
firewalls and decrypt virtual private
0:22
network connections Juniper Networks has
0:24
since released a critical patch update
0:27
these patches have been released for
0:29
screen OS which is junipers firewall
0:31
software Juniper Networks claimed they
0:34
found this backdoor security flaw
0:35
through an internal code review juniper
0:38
recommends their customers install
0:40
recently released patches also Juniper
0:43
claims they know of no known
0:45
exploitation of this security risk Bob
0:48
world Juniper Networks is senior vice
0:51
president and chief information officer
0:53
was quoted as saying on behalf of the
0:55
entire Juniper Security Response Team
0:57
please know that we take this matter
0:58
very seriously and are making every
1:00
effort to address these issues more
1:02
information and guidance on applying
1:04
this update to systems can be found in
1:07
the Juniper security advisories JSA is
1:09
available on our security incident
1:11
response website at advisory juniper net
1:14
all net screen devices using screen OS
1:19
620 release 15 through 620 release 18
1:24
and 630 released 12 through 6 30 release
1:29
20 are affected in required installation
1:32
of release patches this security
1:34
backdoor vulnerability only affects
1:36
juniper networks as screen OS software
1:39
which is that operating system that runs
1:42
their firewalls you can check out
1:43
junipers security announcement for more
1:46
information a user could potentially
1:48
gain administrative access remotely via
1:50
secure shell ssh or telnet also a user
1:55
could potentially monitor virtual
1:57
private network VPN traffic via
1:59
encryption both issues are independent
2:03
from each other this juniper security
2:05
bulletin addresses more technical
2:07
information about both of these
2:08
potential backdoor security flaws let's
2:10
check out those links
2:13
they have some frequently asked
2:15
questions why did this issue require an
2:18
auto cycle security advisory juniper is
2:20
committed to maintaining the integrity
2:21
and security of our products We strongly
2:26
recommend that all customers update
2:28
their systems and apply these patches
2:29
releases as soon as possible what
2:31
devices does this issue impact it's
2:34
rebate on basically what I wrote all
2:37
netscreen devices that I went over
2:39
through in my blog post is the SRX or
2:42
any other juniper based system affected
2:44
by these issues these vulnerabilities
2:46
are specific to screen OS who can i
2:49
contact if I had have additional
2:51
questions about my system you can email
2:55
sirt at juniper net this is more
2:59
technical information if you're curious
3:00
about this it goes into details about
3:04
the first issue which allows
3:06
unauthorized remote administrative
3:08
access to the device over secure shell
3:11
ssh or telnet and it gives you an
3:14
example of how that person or personas
3:17
could potentially remotely access your
3:20
juniper firewall and gain administrative
3:23
rights and then also it goes over that
3:26
second issue the second issue may allow
3:29
a knowledgeable attacker who can monitor
3:31
VPN traffic and decrypt that traffic so
3:36
they can monitor that traffic by
3:37
decrypting it and those both of those
3:39
issues are separate of each other and
3:41
then it goes through with some solution
3:45
verbiage and work around as well as
3:49
implementation modification history and
3:51
some other out risk level critical
3:55
critical and then risk assessment adios