MikroTik RouterOS < 6.39.3 / 6.40.4 / 6.41rc (KRACK)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote networking device is affected by a heap corruption
vulnerability.

Description :

According to its self-reported version, the remote networking device
is running a version of MikroTik 6.9.X prior to 6.39.3, 6.40.x <
6.40.4, or 6.41rc. It, therefore, vulnerable to multiple
vulnerabilities discovered in the WPA2 handshake protocol.

See also :

http://www.nessus.org/u?db1a2125
https://forum.mikrotik.com/viewtopic.php?f=21&t=126694

Solution :

Upgrade to MikroTik RouterOS 6.39.3 / 6.40.4 / 6.41rc or later.

Risk factor :

High / CVSS Base Score : 8.3
(CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.9
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now