Exorcising Juniper Networks And FireEye's Ghosts of Christmas Past From Your IT Infrastructure

Updated on June 1, 2018 by UpGuard

Last week was a busy one for leading network and security appliance manufacturers FireEye and Juniper Networks. Critical flaws were discovered in hardware products from both vendors, bringing the distressing but unavoidable question to the forefront once again: what recourse is there when the very security mechanisms in place to protect our data assets are themselves highly flawed?

The past few days have seen the release of highly critical security updates from the two vendors: a patch to address a vulnerability in FireEye's popular NX, EX, AX and FX line of network security devices, and a patched version of Juniper Networks' ScreenOS. Customers have been desperately awaiting resolution since the independent discovery of the flaws last week. In Juniper's case, the flaws were found by its own security team; the FireEye security device flaw was discovered by security researchers at Google Project Zero.

FireEye Device Exploitation

Google Project Zero's blog explains the security flaw in full detail. In essence, a critical vulnerability in FireEye's NX, EX, AX, and FX network security devices with security content versions 427.334 or older could allow an attacker to root a device through an email phishing scheme.

Anatomy of the FireEye device exploit. Source: Googleprojectzero.blogspot.com.

The Fix: Details here—it's worth noting that the fix is applied through the device's automated security content update. If the device is set to manual update, the fix will not be applied automatically.
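As an added example (not from the original article or from either vendor), the sketch below audits an appliance inventory against the 427.334 threshold and separates devices that will pick up the fix automatically from those set to manual update. The inventory columns, hostnames and the assumption that security content versions compare numerically component by component are illustrative, not vendor-documented.

```python
import csv
import io

# Threshold from the article: security content 427.334 or older is vulnerable.
LAST_VULNERABLE = (427, 334)
AFFECTED_FAMILIES = {"NX", "EX", "AX", "FX"}

# Constructed sample inventory; hostnames and column names are hypothetical.
SAMPLE_INVENTORY = """\
hostname,family,security_content,update_mode
mps-web-01,NX,427.334,auto
mps-mail-01,EX,427.1002,auto
mps-lab-01,AX,426.998,manual
mps-file-01,FX,unknown,manual
other-01,OTHER,300.1,manual
"""

def parse_version(text):
    """Return the version as a tuple of ints, or None if not dotted-numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(row):
    """Map one inventory row to a remediation status."""
    if row["family"].strip().upper() not in AFFECTED_FAMILIES:
        return "not-affected-family"
    version = parse_version(row["security_content"])
    if version is None:
        # Never assume an unreadable version is safe.
        return "verify-by-hand"
    # Tuple comparison avoids the string-compare trap ("427.1002" < "427.334").
    if version > LAST_VULNERABLE:
        return "patched"
    if row["update_mode"].strip().lower() == "auto":
        return "vulnerable-awaiting-auto-update"
    return "vulnerable-manual-update-required"

def audit(inventory_csv):
    """Return {hostname: status} for every row of the inventory CSV text."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {row["hostname"]: classify(row) for row in reader}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Devices reported as `vulnerable-manual-update-required` are the ones the caveat above applies to: they stay exposed until an operator triggers the content update.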




Juniper Networks Backdoor and VPN Vulnerability

Juniper issued this announcement last week regarding the discovery of two ScreenOS vulnerabilities during an internal code review:

  • CVE-2015-7755: enables the compromise of the device via an unauthorized remote access vulnerability over SSH/telnet.
  • CVE-2015-7756: allows an attacker to gain access to and silently decrypt/monitor VPN traffic through two backdoors.

Anatomy of the Juniper Networks firewall backdoor. Source: Wired.com.

The Fix: Download the appropriate update at the ScreenOS software release download page. 

These recently discovered vulnerabilities attest to the fact that all technology is flawed, even security products. Consequently, the best cyber defense model is one that takes a layered approach to security, combining continuous security monitoring and validation with traditional security solutions like IDPS and firewalls. UpGuard's platform is capable of comprehensive vulnerability scanning and monitoring across complex, heterogeneous environments, for all node types: servers, databases, and even network appliances made by vendors such as FireEye and Juniper Networks. Try it for free: the first 10 nodes are on us.
