Heartbleed Affects Routers, Too

Illustration for article titled Heartbleed Affects Routers, Too

Some more heartache from Heartbleed: it affects routers, too. Cisco Systems and Juniper Networks have announced that the security hole that is Heartbleed has been found in their networking equipment.


It's perhaps not too surprising that the bug—basically a simple flaw in OpenSSL that allows attackers to bypass the usual security protocols used by many sites—is present in networking devices. After all, they use SSL too, and older devices naturally use an older version.

It is, however, a laborious task to check hardware for the flaw. Fortunately, not all networking hardware is affected, because they don't all use the same version of OpenSSL. So far, only Cisco Systems and Juniper Networks had admitted that their devices are at risk.

You can check to see if your Juniper Networks device is affected here and here, or your Cisco Systems device here. Both companies are working on patches for the affected hardware, which you'll want to download and install ASAP. [Wall Street Journal via Engadget]


Done With This Site

Just to be clear, most of Cisco's gear is still "under investigation". Only a handful of their stuff is confirmed to be vulnerable and none of the items listed are their routers.