MikroTik Winbox Zero-Day Vulnerability

A new zero-day vulnerability in MikroTik's RouterOS operating system Winbox port has been discovered.

Threat ID:: CC-2328
Category:: Exploit
Threat Severity:: Low
Threat Vector:
Published:: 2 May 2018 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

A new zero-day vulnerability in MikroTik's RouterOS operating system Winbox port has been discovered.

Threat details

For further information:

CVE-2018-14847

Threat updates

Date	Update
11 Sep 2018	Attackers have been exploiting this vulnerability to mine cryptocurrency.

Remediation steps

Type	Step
	MikroTik have released an update to RouterOS which rectifies this vulnerability. Users should update immediately. Ensure default credentials are not used on affected routers. The Winbox utility tool can be used to change the port used by Winbox or limit which IP addresses can use the port.

CVE Vulnerabilities

Status

CVE-2018-14847

Last edited: 17 February 2020 12:49 pm