Juniper Networks discovers "unauthorized" code that decrypts encrypted VPN traffic

Information Technology

Networking provider Juniper Networks has released an emergency patch to remedy what appears to be an intentional backdoor into many of its products.

Juniper Chief Information Officer Bob Worrall said that during a recent internal code review, they found "unauthorized code" in ScreenOS that could allow a knowledgeable attacker to gain admin access to NetScreen devices and to decrypt VPN connections.

The company said NetScreen devices using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected and require immediate patching. Worrall said that once they identified the issue, they launched an investigation and set about developing and issuing a patched version of ScreenOS.

Juniper Networks added that they have not received any reports of the vulnerabilities being exploited in the wild (nor should they expect to). The obvious question is, how did the nefarious code get into the software to begin with? Was it a rogue employee on a power trip or did a government agency have something to do with it?

As Ars Technica points out, an article a few years back published by Der Spiegel references an NSA operation targeting Juniper firewalls that gave them backdoor access. Said operation, dubbed FEEDTHROUGH, was described as malware that could get into Juniper firewalls and even survive software upgrades.

Conveniently enough, Juniper doesn't mention how it thinks the code might have come into play.

Source: techspot
Share on Google Plus

About Unknown

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.
    Blogger Comment

0 comments:

Post a Comment