Manufacturer issues patches to remediate the issue

Dec 18, 2015 00:30 GMT  ·  By

Juniper, maker of ScreenOS, an operating system used for enterprise-grade firewall systems, has released a critical patch for a security flaw that allowed attackers to decrypt VPN connections.

During a recent internal code audit, Juniper employees discovered what they've described as "unauthorized code" inside the source code of their ScreenOS operating system, which the company provides to customers that buy their range of firewall/VPN solutions, advertised as the NetScreen Series.

Attackers could decrypt VPN traffic

According to a security advisory published on the manufacturer's website, this mysterious piece of code "could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections," effectively defeating the purpose of having this type of equipment installed in the first place.

Juniper has already developed a patch that it started distributing to affected clients.

The company states that only customers with NetScreen devices using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected.
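The version ranges above can be turned into a quick inventory triage. This is an added example, not code from Juniper or from this article; the `hostname,version` inventory format and the sample hosts are constructed, and sending letter-suffixed builds (such as `6.3.0r19b`) for manual review is an assumption, since the article names plain rN releases only.

```python
import re

# Affected ranges exactly as stated in the article: branch -> (first rN, last rN).
AFFECTED = {"6.2.0": (15, 18), "6.3.0": (12, 20)}

# ScreenOS version strings look like "6.3.0r17"; anything trailing the
# release number (e.g. the "b" in "6.3.0r19b") is captured as a suffix.
VERSION_RE = re.compile(r"\b(\d+\.\d+\.\d+)r(\d+)([a-z0-9.\-]*)", re.I)

def classify(version_text):
    """Return 'affected', 'not-listed', 'check-advisory' or 'unparsed'."""
    m = VERSION_RE.search(version_text)
    if not m:
        return "unparsed"
    branch, rel, suffix = m.group(1), int(m.group(2)), m.group(3)
    bounds = AFFECTED.get(branch)
    # 'not-listed' only means outside the ranges the article names.
    if bounds is None or not (bounds[0] <= rel <= bounds[1]):
        return "not-listed"
    # Assumption: a suffixed build inside a range is sent for manual
    # review against the vendor advisory rather than guessed either way.
    return "check-advisory" if suffix else "affected"

def triage(inventory_lines):
    """Map hostname -> classification for 'hostname,version' lines."""
    result = {}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, version = line.partition(",")
        result[host.strip()] = classify(version)
    return result

# Constructed sample inventory (hostnames and builds are made up).
SAMPLE = """\
# hostname,version
fw-edge-01,6.3.0r17
fw-edge-02,6.3.0r21
fw-branch-07,6.2.0r15
fw-lab-03,6.3.0r19b
fw-old-01,5.4.0r28
fw-dc-02,ScreenOS unknown
""".splitlines()

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host:14} {status}")
```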

It also said that its initial analysis has not revealed any real-world attacks employing this vulnerability (CVE-2015-7755).

Unauthorized code was inside the OS since 2008

Unfortunately, the earliest affected operating system version, ScreenOS 6.2.0r15, was released in 2008, which means attackers had nine years at their disposal to carry out their attacks and then step back into the shadows.

Juniper has not revealed how the "unauthorized code" came to be in its ScreenOS source code, but given that nine years have passed, if the company's developers did not employ a VCS (version control system), it will be hard to track down the culprit.

On the other hand, this doesn't necessarily mean the code was placed there by an employee. An attacker who had access to the company's servers at some point during the past years could also have altered the ScreenOS source code with incredible ease.
