PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Juniper Finds 'Unauthorized Code' in Firewall, VPN OS

Stephanie Mlot
 & Stephanie Mlot Contributor

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

Juniper Networks this week dislcosed that "unauthorized code" had been inserted into ScreenOS, the operating system that runs its firewall and VPN services.

According to Juniper, this code "could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections." That's troubling because the whole point of having a virtual private network (VPN) is to keep your connection secure, especially if you're logging on from a neighborhood coffee shop's public Wi-Fi.

"Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS," Juniper said.

The problem came to light during "a recent internal code review." But the big question is, how did it get there? Given that the NSA reportedly likes to hack into routers, switches, and firewalls, the secretive government agency is a likely suspect.

Juniper told Forbes that it did not work with the NSA to add backdoors into its system. A 2013 Der Spiegel piece, however, said that NSA specialists "succeeded years ago in penetrating [Juniper's] digital firewalls."

Recommended by Our Editors

Google Will Soon Spot Fake Calls on Supported Android Phones
Google Will Soon Spot Fake Calls on Supported Android Phones
Report Cites Misinformation As Key Threat to Election Security, Doesn't Name the Biggest Offenders
Report Cites Misinformation As Key Threat to Election Security, Doesn't Name the Biggest Offenders
Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts
Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts

Malware known as Feedtrough "burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers," Der Spiegel said. "Thanks to Feedtrough, these implants can, by design, even survive 'across reboots and software upgrades.' In this way, US government spies can secure themselves a permanent presence in computer networks."

For the time being, NetScreen users running ScreenOS 6.2.0r15 through 6.2.0r18, and 6.3.0r12 through 6.3.0r20 are affected, and require patching.

"At this time, we have not received any reports of these vulnerabilities being exploited," said Bob Worrall, Juniper CIO. "However, we strongly recommend that customers update their systems and apply the patched releases with the highest priority."

Detailed instructions for applying the update can be found online; customers with questions about their system should email sirt@juniper.net.

About Our Expert

Stephanie Mlot

Stephanie Mlot

Contributor

My Experience

  • B.A. in Journalism & Public Relations with minor in Communications Media from Indiana University of Pennsylvania (IUP)
  • Reporter at The Frederick News-Post (2008-2012)
  • Reporter for PCMag and Geek.com (RIP) (2012-present)

My Areas of Expertise

  • Science & Space
  • Video Streaming Services
  • Social Media
  • Cars & Auto
  • Education

The Tech I Use

  • iPhone 12 Pro
  • MacBook Air (hooked up to a 23-inch Dell monitor)
  • Google Chrome
  • Google Drive
  • Soundcore Life P3 earbuds
  • Various Amazon Echo devices

Read the latest from Stephanie Mlot

Read full bio