HeartBleed Hits Cisco and Juniper!
But wait, there’s more! HeartBleed isn’t through it with us yet! It turns out that the exploit also affects networking gear from Cisco and Juniper.
HeartBleed, has already affected popular web and e-commerce sites, and now it seems that many of Cisco’s products use a version of the OpenSSL as well! In a press release they said this “could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.”
Juniper also posted a “high alert” on their support page with similar information. Infected networking hardware is not as easy to fix as a simple software patch, in many cases, in fact, in some cases the upgrade is going to require buying new hardware!
This is because the code is actually embedded in the chips within some of the hardware. As you might imagine, this is not going over well with people that own this hardware!
Before it’s all said and done, I expect that HeartBleed will rack up millions of dollars in successful exploits to people’s accounts, as well as corporate remediation of hardware!