Critical patches issued after spying backdoors found built into Juniper firewalls
Networking manufacturer Juniper has discovered backdoors built into its firewalls. The company says that a number of its devices running the ScreenOS operating system include serious vulnerabilities that could be used to take remote control of networked devices, or to decrypt VPN traffic.
The company says that the security issues were unearthed during an internal code review and has issued an out-of-cycle fix to address the vulnerabilities. Network admins are advised to treat the threats seriously, and to make use of the available patches immediately.
The first vulnerability (CVE-2015-7755) lets an attacker log in over SSH or telnet without valid credentials. Juniper warns that this could lead to a "complete compromise of the affected system". The advisory adds that exploitation would leave a log entry showing a login by "system" followed by password authentication for a username, but that a skilled attacker would likely remove those entries from the local log, leaving the victim with little evidence of what had happened.
The second issue (CVE-2015-7756) could allow a knowledgeable attacker who can observe VPN traffic to decrypt it. Juniper says that there is no indication of any successful exploits, but for this issue it also warns that "There is no way to detect that this vulnerability was exploited". In a security advisory notice, the company says:
During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections. Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS.
At this time, we have not received any reports of these vulnerabilities being exploited; however, we strongly recommend that customers update their systems and apply the patched releases with the highest priority.
If you're using a NetScreen device running ScreenOS 6.2.0r15 through 6.2.0r18, or 6.3.0r12 through 6.3.0r20, you need to install the patched release as soon as possible.
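For admins with more than a handful of NetScreen devices, the practical first step is to pull the `get system` output from each box and match the reported version against the ranges above. The script below is an added example, not Juniper's code or a tool from the advisory: it assumes the output contains a `Software Version: X.Y.ZrN...` line, the inventory it runs on is constructed sample data, and it deliberately knows only the ranges the article lists, so a release with a letter suffix (a respin build) inside those ranges is flagged for manual review rather than guessed at.

```python
"""Triage ScreenOS 'get system' output against the affected version
ranges listed for CVE-2015-7755 / CVE-2015-7756.

Added example, not Juniper's code. The inventory below is constructed
sample data; the 'Software Version: X.Y.ZrN...' line format is assumed.
"""
import re

# Affected release ranges as stated in the article (inclusive), keyed by branch.
AFFECTED = {
    "6.2.0": (15, 18),
    "6.3.0": (12, 20),
}

# Matches e.g. "6.3.0r19.0", "6.2.0r15", "6.3.0r12b"; a trailing letter
# suffix (a respin build) is captured so it can be reported separately.
VERSION_RE = re.compile(r"\b(\d+\.\d+\.\d+)r(\d+)(?:\.(\d+))?([a-z]*)\b")


def parse_version(text):
    """Return (branch, release_number, suffix) for the first ScreenOS
    version string found in text, or None if there is none."""
    m = VERSION_RE.search(text)
    if m is None:
        return None
    branch, release, _build, suffix = m.groups()
    return branch, int(release), suffix


def classify(text):
    """Classify one device from a version string or a 'get system' dump.

    Returns one of:
      'affected'               base release inside a listed range
      'review'                 inside a listed range but with a letter
                               suffix the listed ranges do not describe;
                               check the vendor advisory by hand
      'outside-listed-ranges'  not inside any listed range (this script
                               makes no claim about other branches)
      'unknown'                no version string found
    """
    parsed = parse_version(text)
    if parsed is None:
        return "unknown"
    branch, release, suffix = parsed
    rng = AFFECTED.get(branch)
    if rng is None or not (rng[0] <= release <= rng[1]):
        return "outside-listed-ranges"
    return "review" if suffix else "affected"


def triage(inventory):
    """inventory: {hostname: 'get system' output}. Returns {hostname: verdict}."""
    return {host: classify(text) for host, text in inventory.items()}


# Constructed sample inventory (hypothetical hosts, not real devices).
SAMPLE_INVENTORY = {
    "fw-edge-1": "Product Name: NS5GT\nSoftware Version: 6.3.0r19.0, Type: Firewall+VPN\n",
    "fw-edge-2": "Software Version: 6.2.0r18.0, Type: Firewall+VPN\n",
    "fw-dmz-1": "Software Version: 6.3.0r21.0, Type: Firewall+VPN\n",
    "fw-lab-1": "Software Version: 6.3.0r12b, Type: Firewall+VPN\n",
    "fw-old-1": "Software Version: 6.1.0r10.0, Type: Firewall+VPN\n",
    "fw-broken": "connection timed out\n",
}

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:12s} {verdict}")
```

Treat 'unknown' as a finding in its own right: a device you cannot reach to version-check is one you cannot confirm is patched.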