HomeNetwork SecurityMultiple Security issues with ScreenOS (CVE-2015-7755, CVE-2015-7756)

Multiple Security issues with ScreenOS (CVE-2015-7755, CVE-2015-7756)

On December 17th, 2015, Juniper Networks published an Important Announcement about ScreenOS which is pointing authentication backdoor and VPN decrypt on GT and SSG series devices.

The backdoor can be exploited by using random username and backdoor password through SSH and Telnet.

  • On lab environment, I tested ScrenOS 6.3.0r17 version on SSG20 brand and the result was stunning. As seen below, only two user was created on the device.

Picture1 – Administrator Database
  • If the device is vulnerable, you should reach highest privileges on the device.
Screen Shot 2015-12-21 at 15.00.16
Picture2 – Login with Random Username and Backdoor Password
  • Upon exploitation of this vulnerability, the log file would contain an entry that ‘system’ had logged on followed by password authentication for a username. Out of Cycle Security Bulletin
Picture3 – Observing Backdoor Login on Syslog Events

Finally, I also tested the some other versions  such as 6.2.0r9.0 and 6.2.0r5.0, it is observed that they don’t have backdoor vulnerability.


Ali Bay
Ali Bay
Sr. Network & Security Engineer



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments