A bug in the OpenSSL software library, known as Heartbleed, has hit the headlines this week, but aside from affecting millions of websites, it has been confirmed it also puts wireless internet routers at risk.
Heartbleed affects hardware made by two of the world's best-known networking equipment manufacturers - Cisco and Juniper Networks. The list of affected hardware includes routers, switches and firewalls often used by businesses.
On Thursday, Cisco confirmed that the over a dozen of its products or services are thought to be vulnerable to Heartbleed. A full list of the all the products and services under investigation, have been listed on the company's website.
"Expect a product by product advisory about vulnerabilities," said Cisco spokesman Nigel Glennie, who went on to add that his company's engineers are evaluating which Cisco products use the flawed versions of OpenSSL that may need a patch. However, he also said that not all products will require to be patched.
Apart from the ones that have been confirmed as vulnerable, Cisco is also investigating 65 other products for vulnerabilities. The company has said that it is working to release patches to address all Heartbleed-related vulnerabilities for its products soon.
Juniper Networks has also confirmed that eight of its products are vulnerable to the Heartbleed flaw, saying it is "working around the clock to provide fixed versions of code for our affected products."
Vulnerable products still on sale
The vulnerable networking devices are in some cases difficult to fix and the process might force some businesses to get rid of some of their old hardware in favour of newer networking equipment.
Even the products currently on sale in stores could be vulnerable to the bug, since they were shipped long before Heartbleed was revealed publicly on Monday.
Many companies use firewalls and virtual private networks to safeguard their systems and networks from attackers. However, since equipment from even the most reputed manufacturers is vulnerable to the heartbleed bug, attackers could have an easy entry point to these networks and steal sensitive data.
German computer programmer Robin Seggelmann has been revealed as the man whose coding mistake which left two-thirds of active websites on the internet vulnerable to attack. Seggelmann is one of a small group of volunteers who maintain the code across four continents.
Speaking to the Sydney Morning Herald, Seggelmann said it was a "simple programming error" which caused the flaw.