“Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

Crusty

I would love to hear the rest of their story.

What exactly was this 'unauthorized code' and how did it get into their production builds? Was it in-house engineering staff or a contractor?

From their rather simple description it sounds like a backdoor to the management interface. I wonder if there was more than just unencrypted VPN data that could be accessed....
 

matricks

I would love to hear the rest of their story.

What exactly was this 'unauthorized code' and how did it get into their production builds? Was it in-house engineering staff or a contractor?

From their rather simple description it sounds like a backdoor to the management interface. I wonder if there was more than just unencrypted VPN data that could be accessed....

No need to wonder, administrative access is confirmed right in their advisory.

Important Announcement about ScreenOS®
During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen® devices and to decrypt VPN connections.