
Juniper firewall update allows unauthorized root access to devices



Juniper is warning users of its SRX firewalls that a released system update contains a critical vulnerability that could result in unauthorized root access to devices. All systems on which the update was installed using the “request system software” command with the “partition” option are vulnerable.

In its first security bulletin of 2017, the company writes that as a result of the update, “the system may be in a state in which root login for the command line becomes available without a password.” All systems upgraded from other Junos OS versions to 12.1X46-D65 are at risk.

This is possible because the update installs incorrectly: after the installation fails, the system “rolls back” to a safe mode intended to let the administrator investigate the problem. In this mode, the device can only be used through a root login without a password, and all previously created accounts are erased.

Another important point is that installing the update again afterwards, even a version with the bug fixed, will not remove the vulnerability. Instead, Juniper recommends restarting the device after “detecting obvious symptoms after installing the update.” According to the company, the restart helps to return the system to the correct state ...
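The two symptoms described above (root without a password, local accounts erased) can be checked across a fleet from exported configurations. The following is an added example, not code from Juniper or from the original article; it assumes the state is visible in `show configuration | display set` output, and both sample configurations are constructed.

```python
import re

# Constructed samples of `show configuration | display set` output (not from the article).
HEALTHY = """\
set system host-name srx-branch-01
set system root-authentication encrypted-password "$5$constructed$hash"
set system login user netops class super-user
set system login user netops authentication encrypted-password "$5$constructed$hash2"
"""
DEGRADED = """\
set system host-name srx-branch-02
set system services ssh
"""

# A root credential is either a stored password hash or an SSH public key.
ROOT_CRED = re.compile(r"^set system root-authentication (encrypted-password|ssh-[a-z0-9]+) \S")
# Any statement under "system login user <name>" proves the account exists.
LOGIN_USER = re.compile(r"^set system login user (\S+) ")


def audit(display_set: str) -> dict:
    """Check one exported config for the two symptoms the article describes."""
    root_has_credential = False
    users = set()
    for raw in display_set.splitlines():
        line = raw.strip()
        if ROOT_CRED.match(line):
            root_has_credential = True
        m = LOGIN_USER.match(line)
        if m:
            users.add(m.group(1))
    findings = []
    if not root_has_credential:
        findings.append("root has no password or SSH key configured")
    if not users:
        findings.append("no local login accounts defined")
    return {
        "users": sorted(users),
        "findings": findings,
        # Both symptoms together match the post-failure state from the article.
        "matches_failed_update_state": len(findings) == 2,
    }


if __name__ == "__main__":
    for name, cfg in (("healthy", HEALTHY), ("degraded", DEGRADED)):
        print(name, audit(cfg))
```

A device flagged with either finding needs attention on its own; both together point to the failed-update state, for which the article reports that Juniper recommends a restart.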

The Juniper update error is not the first case in which a manufacturer’s own actions have made its products vulnerable. Previously, information security researchers found a critical vulnerability that allowed a remote unauthorized user to execute arbitrary code on, or reload, Cisco ASA routers.

Experts at Positive Technologies recommend that all users of network equipment from various vendors use specialized tools to detect vulnerabilities, for example, MaxPatrol 8 and MaxPatrol SIEM, a security and compliance monitoring system. These tools can detect errors such as access without a password (for root and other levels), as well as open access that does not require entering a login and password.

Source: https://habr.com/ru/post/319416/

