MikroTik RouterOS DoS Vulnerability

Summary

A security researcher has released details of two resource exhaustion vulnerabilities in MikroTik's RouterOS proprietary operating system.


Affected platforms

The following platforms are known to be affected:

Threat details

A remote unauthenticated attacker could exploit these vulnerabilities to cause a denial-of-service condition on an affected product.

Both vulnerabilities appear to be the result of improper handling of IPv6 packets. By default, RouterOS allows the route cache used by IPv6 packets to be larger than the total available memory. An attacker could exploit this by using a specific sequence of IPv6 packets to saturate the memory, resulting in a forced reboot.

For further information:


Remediation steps

Users and administrators are encouraged to review MikroTik's vulnerability announcement notice and apply the necessary updates. MikroTik have also confirmed they are aware of an issue where devices with less than 64Mb of RAM may not be fully remediated.



Last edited: 14 February 2020 2:42 pm