What does the Juniper backdoor actually allow an attacker to do?

As the exploit gives root access to the Juniper device, an attacker can:

  • Decrypt all VPN traffic to the device, thus allowing viewing of all traffic through encrypted tunnels that terminate at the Juniper box
  • Edit firewall rules on the box, allowing an attacker to remove rules protecting assets within the network
  • Alter routing tables where these are used, perhaps redirecting traffic
  • View logs stored on the device
  • Edit logs on the device to remove any trace of compromise

Root on the box.

So, "yes" to all.

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713&actp=search

Exploitation of this vulnerability can lead to complete compromise of the affected system.

Update: Password disclosed
Rapid7 have disclosed the password.

Tags:

Juniper

Firewalls

Backdoor

Related

XSS via JSON: Why does a web application not sanitize either its incoming params hash or its outgoing JSON values of malicious tags like Script? Should I be concerned that Google no longer trusts specific Symantec root CA cert that is also on my Windows system? How to defeat doubling up apostrophes to create SQLi attack? Phone call to try and gain access What is happening now with the Grub backspace key security vulnerability? My country is attempting to block WhatsApp, what to do? Why would the government collect Wi-Fi SSIDs via manual door-to-door questioning of citizens? Samsung SSD 850 EVO. Best way to protect personal data against thiefs How to choose a password that I have to remember for a long time but do not use a lot What exactly does `ssh -T user@domain verify` do? Docker as a sandbox for untrusted code Does a Content Delivery Network (CDN) interrupt end-to-end security?

Recent Posts