
Hackers can Gain Access to Juniper Products Running ScreenOS

Hide yo kids, hide yo wife, but especially hide yo VPN data.

Hackers can gain access to Juniper products running ScreenOS, the company itself has announced. A backdoor has been found in NetScreen firewalls that gives hackers admin access and the ability to decrypt VPN traffic.

The company doesn’t know how the unauthorized code got in there, or how long it has been inside its software. The company warned that NetScreen firewalls based on ScreenOS 6.2.0r15 to 6.2.0r18, and 6.3.0r12 to 6.3.0r20, are affected. Juniper recommends immediate patching.
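For administrators who need to sort an inventory against the ranges above, here is an added example (not from Juniper or from this article) that classifies ScreenOS version strings. The version-string format, the host names and the sample inventory are constructed assumptions; builds with an unfamiliar suffix are sent to manual review rather than guessed at.

```python
import re

# Affected ranges exactly as stated in the article: branch -> (first, last) release.
AFFECTED = {"6.2.0": (15, 18), "6.3.0": (12, 20)}

# Assumed format: "<branch>r<release>" with an optional trailing part,
# e.g. "6.3.0r17" or "6.3.0r17.0". The trailing part is captured so that
# unfamiliar build suffixes are never silently classified.
VERSION_RE = re.compile(r"^(\d+\.\d+\.\d+)r(\d+)(.*)$")


def classify(version):
    """Return 'affected', 'not-listed' or 'review' for one version string."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "review"  # unparseable: a human has to look at the device
    branch, release, suffix = m.group(1), int(m.group(2)), m.group(3)
    if branch not in AFFECTED:
        return "not-listed"
    first, last = AFFECTED[branch]
    if not first <= release <= last:
        return "not-listed"
    # In range, but the suffix is not a plain numeric build field (".0"):
    # the article's ranges do not describe such builds, so do not guess.
    if suffix and not re.fullmatch(r"(\.\d+)+", suffix):
        return "review"
    return "affected"


def triage(inventory):
    """Group (host, version) pairs by classification, keeping input order."""
    result = {"affected": [], "review": [], "not-listed": []}
    for host, version in inventory:
        result[classify(version)].append(host)
    return result


# Constructed sample inventory (hypothetical hosts and versions).
INVENTORY = [
    ("fw-edge-01", "6.3.0r17.0"),
    ("fw-edge-02", "6.3.0r21"),
    ("fw-branch-01", "6.2.0r15"),
    ("fw-branch-02", "6.2.0r14"),
    ("fw-lab-01", "6.3.0r19b"),
    ("fw-dc-01", "unknown"),
]

if __name__ == "__main__":
    for group, hosts in triage(INVENTORY).items():
        print(f"{group}: {', '.join(hosts) or '-'}")
```

"not-listed" only means the version falls outside the ranges quoted in this article; it is not a statement that the device is otherwise up to date.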

The company published release notes, which hint that the code has been in place since 2012. However, ScreenOS 6.2 was launched in 2008, so there’s a possibility that the backdoor has been present inside the software for the past 7 years or so.

The company has refused to speak with the countless tech journalists who have bombarded it with e-mails since the news broke yesterday.

What can hackers do if they gain access?

They can monitor the VPN traffic in order to decrypt it.

Also, the code offers remote administrative access to devices running ScreenOS via SSH or telnet.

How did the code get in there?

There are two scenarios at the moment. The first is that it may be some rejected code left in production releases of the operating system through an internal SNAFU. That would be incredibly troublesome, with dire consequences for the company’s customers, but it’s way better than the second scenario.

The second theory is that a third party hid the code in ScreenOS in order to gain access, and potentially do damage, to Juniper customers. This third party could very well be the NSA.

When classified documents were leaked by now-former NSA subcontractor Edward Snowden, they showed that NSA agents could easily intercept network gear from Cisco Systems while said products were being shipped to their designated owners.

The NSA was responsible for installing unwanted and borderline illegal firmware onto countless devices before they were sent to their final destination.

Maintaining covert firmware on a device for so long is a highly complicated thing to do. However, in 2013, an article published by Der Spiegel showcased how an NSA operation, known simply as FEEDTROUGH, was capable of working against Juniper OSes (read: firewalls), and the agency had constant access via backdoors.

The article reported that the malware tunnelled into Juniper firewalls, and it granted NSA programs access to the mainframe computer. These programs don’t get deleted even if a reboot or a software upgrade is performed.

FEEDTROUGH has been included in many platforms, the catalogue states.

Juniper’s advisory doesn’t hint at the NSA. Actually, the company doesn’t have any leads at the moment as to who the perpetrator was.

The company has announced that there’s no evidence that the unauthorized code has been added to other Juniper OSes or products.

About Bhanu Jamwal

Living in Aldine, TX, he writes about Mac, iOS, Android and IT Hardware. Apart from writing on The Next Digit, he is also an expert in providing valuable seminars on IT Peripherals and IT Security.

2 comments

  1. Now you know what I mean by these guys selling lemons. Their own Firewalls can be hacked... what are they selling as prevention and End Point Detection and Advanced Protection Threat!

    The fools at IT Security need to wake up; if Firewalls like those of Juniper can be hacked, they should know that all of them can be. The sentry is no good; you can get past it easily. Foolish to buy protection from cybersecurity firms like Palo Alto Networks, FireEye, CyberArk, Fortinet, Palantir, etc... if the mighty JNPR doesn't know what's going on, surely these pure play cybersecurity firms are completely clueless about how hackers really operate.

    Sanjay
    I am short shares of PANW
