Juniper Networks has announced that it has discovered “unauthorized code” in ScreenOS, the operating system for its NetScreen firewalls, that could allow an attacker to decrypt traffic sent through Virtual Private Networks (VPNs). Juniper suspects the bug has been around since 2012.
An advisory published by the company notes that the backdoor impacts NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20. The vulnerability allows an attacker to remotely log-in to the firewall with administrator privileges, decrypt and spy on thought-to-be-secure traffic, and then even remove every trace of their activity.
CNN reports that the FBI is investigating the breach to see if it let hackers working for foreign governments spy on the US government and private companies for up to three years. Government authorities have some suspicions that the hack was orchestrated by foreign government hackers, because pulling off a hack of this type was a pretty sophisticated move.
A Juniper spokesperson referred to their public blog post as its official comment, emphasizing,”Once we identified these vulnerabilities, we launched an investigation and worked to develop and issue patched releases for the impacted devices. We also reached out to affected customers, strongly recommending that they update their systems.”
If you have questions about whether you are affected by the breach and what steps you need to take, contact ACE IT Solutions at 646.558.5575.