MikroTik RouterOS < 6.39.3 / 6.40.4 / 6.41rc (KRACK)

high Nessus Plugin ID 103857

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote networking device is affected by a heap corruption vulnerability.

Description

According to its self-reported version, the remote networking device is running a version of MikroTik 6.9.X prior to 6.39.3, 6.40.x < 6.40.4, or 6.41rc. It, therefore, vulnerable to multiple vulnerabilities discovered in the WPA2 handshake protocol.

Solution

Upgrade to MikroTik RouterOS 6.39.3 / 6.40.4 / 6.41rc or later.

See Also

http://www.nessus.org/u?db1a2125

https://forum.mikrotik.com/viewtopic.php?f=21&t=126694

Plugin Details

Severity: High

ID: 103857

File Name: mikrotik_KRACK.nasl

Version: 1.12

Type: remote

Family: Misc.

Published: 10/16/2017

Updated: 11/12/2019

Dependencies: mikrotik_detect.nasl, ssh_detect.nasl

Risk Information

CVSS Score Source: CVE-2017-13083

VPR

Risk Factor: Medium

Score: 6

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:mikrotik:routeros

Required KB Items: MikroTik/RouterOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 10/16/2017

Vulnerability Publication Date: 10/12/2017

Reference Information

CVE: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13083, CVE-2017-13084, CVE-2017-13085, CVE-2017-13086, CVE-2017-13087

BID: 101274

IAVA: 2017-A-0310