In response to the critical vulnerability found in the ScreenOS hardware firewall device's illicit code announced by Juniper Networks last month, the U.S. Senate's Committee on Oversight and Government Reform has requested information from 24 federal agencies and government departments.
The committee sent letters to the department head of each of the government departments emphasizing the urgent nature of Juniper's announced “unauthorized code that could allow a knowledgeable attacker to gain administrative access” to certain devices and “decrypt VPN connections.”
The oversight committee asked for information about the firewalls used by each department and set a two week deadline for agencies to respond. The commission requested information from affected agencies about when they deployed Juniper's patch.
Letters were sent to the major U.S. departments and agencies, including the Department of Defense, Nuclear Regulatory Commission, Department of State and Department of Veteran Affairs.
