Vulnerability found in MikroTik’s RouterOS software
Target: Users of MikroTik’s RouterOS software
Attack Vector: Worldwide
Summary: A buffer overflow vulnerability, classed as critical, has been found in hardware and software developers MikroTik’s RouterOS software. It affects all MikroTik routers running software versions prior to 6.41.3. The routers are used worldwide by a plethora of different companies and following the publication of this vulnerability, exposes them to an attack if not patched.
Risk assessment summary: The threat is assessed as 3e MODERATE. The researchers who discovered the vulnerability have stated that the method is reliable and therefore dangerous to any company using MitroTik RouterOS, who have not installed the updated version of the software that includes the patch. As this vulnerability makes it possible for an attacker to execute malware on a router, it raises a concern for any company due to the risk of an infection on their network.