On Thursday, December 17th, Juniper Networks announced a newly discovered vulnerability in NetScreen devices running certain versions of their ScreenOS software.
NetScreen Devices using ScreenOS versions
- 6.2.0r15 through 6.2.0r18 (VPN Decryption)
- 6.3.0r12 through 6.3.0r20 (VPN Decryption)
- 6.3.0r17 through 6.3.0r20 (Administrative access)
CentraComm has many processes in place to identify, mitigate, and respond when a discovery like this is found.
- Discuss: We discuss the extent and details of the vulnerability with our partners to determine all methods that could be used to exploit.
- Educate: We immediately communicate the vulnerability with impacted customers and educate them on the current situations and our recommended path forward.
- Test: We test the recommended software patch in a secure CentraComm sandbox environment to verify it has no adverse effects on your environment.
- Implement: Once the patch is deemed effective and stable, we immediately schedule an upgrade to all necessary devices to remove vulnerability.
Furthermore, CentraComm utilizes best practices to drastically reduce the risk of these issues before they happen. This includes applying specific restrictions to firewalls to heavily reduce the opportunity for a device to be compromised. In situations like this, CentraComm managed service customers receive immediate notification and updates from our certified engineering team. CentraComm is strongly recommending the installation of the ScreenOS patch to those with existing impacted Netscreen devices.
Customers with questions about their systems should e-mail us at email@example.com or contact your CentraComm account manager.