Wednesday, December 23, 2015

Juniper Networks Shortens ScreenOS Threat List



                                                                           
Juniper Networks on Sunday informed customers that recent security threats to its ScreenOS were not as widespread as initially believed.
The company last week issued an alert following its discovery in ScreenOS of unauthorized code that could allow an attacker to gain administrative control of devices using NetScreen (Administrative Access) or to decrypt a virtual private network (VPN Decryption).
The two issues are unrelated to each other, according to the company.
Juniper originally advised all customers that the Administrative Access code affected ScreenOS 6.30r12 through 6.30r20, and that the VPN Decryption code affected ScreenOS 6.20r15 through 6.20r18, and it advised users to patch their systems.
"Once we identified these vulnerabilities, we launched an investigation into the matter and worked to develop and issue patched releases for the latest versions of ScreenOS," noted Bob Worrall, senior vice president and chief information officer.
That investigation led Juniper to narrow the list of affected versions.
"Administrative Access ... only affects ScreenOS 6.3.0r17 through 6.3.0r20," Worrall wrote in Sunday's update. "VPN Decryption ... only affects ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20."
"We strongly recommend that all customers update their systems and apply these patched releases with the highest priority," he added.
Juniper had not received any notifications of exploitation of the vulnerabilities when it issued its original alert last week, and as of Monday, it had nothing further to share on the security issues, spokesperson Danielle Hamel told TechNewsWorld.

Because the vulnerabilities are reminiscent of the disclosures whistleblower Ed Snowden made about NSA techniques to gain unauthorized access to various networking systems, questions have surfaced about whether the unauthorized code could be connected to backdoor government surveillance.
"The NSA ANT catalogue has detailed capabilities on penetrating Juniper firewalls and they have spent considerable time and effort building customized capabilities for several enterprise firewall vendors," LogicNow Security Lead Ian Trump told TechNewsWorld.

Juniper declined to respond to TechNewsWorld's specific questions about the timing of its discovery of the latest vulnerabilities, but the company vehemently denied working with government officials to install code that could exploit its own systems.
"As we've stated previously, Juniper Networks [takes] allegations of this nature seriously," said spokesperson Hamel. "To be clear, we do not work with governments or anyone else to purposefully introduce weaknesses or vulnerabilities into our products."
The company "consistently operates with the highest of ethical standards" and is committed to "maintaining the integrity, security and assurance" of its products, she said.
Juniper previously investigated reports published in Germany's Der Spiegel, which suggested that the NSA might be using "software implants" to exploit vulnerabilities in its BIOS.
Release notes from the company appear to show the affected ScreenOS flaws date back to at least 2012.
