You may think that all VPNs designed to protect customers are created equal, but you’d be wrong. Juniper Networks has discovered that its firewalls had backdoors, and that the backdoors have existed for the last three years. The vulnerability was discovered by a security researcher on Twitter known as “The Grugq,” who posted two messages about it: first, Grugq said that the backdoor “has been inserted into their own OS source,” implying something intentional and deliberate. The next post said that the backdoor had been in place since August 2012. The company says it discovered the backdoors during its own code review and has since released security patches to address the vulnerability:
“During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections. Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS. At this time, we have not received any reports of these vulnerabilities being exploited; however, we strongly recommend that customers update their systems and apply the patched releases with the highest priority.”
The firewall backdoors have been in existence since 2012, three years ago, which makes you wonder why it took Juniper Networks so long to detect them. Hopefully, the company will conduct internal code reviews every few months – and not wait so long to find a vulnerability that could impact large numbers of customers. People tend to use VPNs for a reason, and their connections shouldn’t be left open to exploitation by prying eyes that shouldn’t have access in the first place.