MikroTik RouterOS <= 7.20 Authentication Bypass via Improper Certificate Validation (CVE-2025-42611)

Medium | Nessus Plugin ID 313232

Synopsis

The remote networking device is affected by an authentication bypass vulnerability.

Description

According to its self-reported version, the remote networking device is running a version of MikroTik RouterOS 7.x prior to or equal to 7.20. It is, therefore, affected by an authentication bypass vulnerability caused by improper certificate validation.

The flaw lies in shared certificate validation logic that uses a single system certificate store, which is trusted equally by all system services. This scope confusion means any certificate authority present in the system-wide trust store is trusted in every context, enabling partial or full authentication bypass in CAPsMAN, OpenVPN, Dot1X (802.1X), and potentially other services.

Note that Nessus has not tested for this issue but has instead relied only on the router's self-reported version number.

Solution

Upgrade to MikroTik RouterOS 7.21 or later. After upgrading, manually review and restrict the trust-store scope of all imported certificates.

See Also

https://www.cert.si/en/cve-2025-42611/

Plugin Details

Severity: Medium

ID: 313232

File Name: mikrotik_CVE-2025-42611.nasl

Version: 1.1

Type: Remote

Family: Misc.

Published: 5/8/2026

Updated: 5/8/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.3

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2025-42611

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Vulnerability Information

CPE: cpe:/o:mikrotik:routeros

Required KB Items: MikroTik/RouterOS/Version

Patch Publication Date: 4/10/2026

Vulnerability Publication Date: 4/10/2026

Reference Information

CVE: CVE-2025-42611

CWE: 295

IAVA: 2026-A-0432