Juniper has released a patch for critical vulnerabilities in devices running ScreenOS® software.
While reviewing code, Juniper found an unauthorized code in ScreenOS that could allow hackers to have administrative access to NetScreen® devices and decrypt VPN connections.
“Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS”, Bob Worrall, SVP Chief Information Officer, wrote on their website.
These vulnerabilities has affected all NetScreen devices using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20,
According to website, they haven’t received any reports of exploitation of these vulnerabilities. But, they strongly recommend users to update their systems, and apply the new patched releases.
“Juniper is committed to maintaining the integrity and security of our products. Consistent with industry best practices, this means releasing patches for products in a timely manner to maintain customer security. We believed that it was in our customers’ best interest to issue these patched releases with the highest priority. We strongly recommend that all customers update their systems and apply these patched releases as soon as possible”, says Bob.
The company has eased its users that they are taking this matter seriously, and anyone who finds difficulty in applying this update to systems can e-mail them at sirt@juniper.net or visit their website http://advisory.juniper.net.
While reviewing code, Juniper found an unauthorized code in ScreenOS that could allow hackers to have administrative access to NetScreen® devices and decrypt VPN connections.
“Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS”, Bob Worrall, SVP Chief Information Officer, wrote on their website.
These vulnerabilities has affected all NetScreen devices using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20,
According to website, they haven’t received any reports of exploitation of these vulnerabilities. But, they strongly recommend users to update their systems, and apply the new patched releases.
“Juniper is committed to maintaining the integrity and security of our products. Consistent with industry best practices, this means releasing patches for products in a timely manner to maintain customer security. We believed that it was in our customers’ best interest to issue these patched releases with the highest priority. We strongly recommend that all customers update their systems and apply these patched releases as soon as possible”, says Bob.
The company has eased its users that they are taking this matter seriously, and anyone who finds difficulty in applying this update to systems can e-mail them at sirt@juniper.net or visit their website http://advisory.juniper.net.