"The change that rendered ScreenOS encryption breakable did nothing but replace a few embedded constants in Juniper's pseudorandom number generator. (...) Thus, it is critical that the discrete logarithm of Q remain unknown. The changes to the ScreenOS code replaced Juniper's chosen Q with one selected by the attacker."

https://cacm.acm.org/magazines/2018/11/232227-where-did-i-leave-my-keys/fulltext