CVE List

CVE-2020-10364

Critical 7.5

The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.

Published March 23, 2020.

Affected software

Mikrotik Hex S Firmware

Mikrotik Rb4011igs\+rm Firmware

Mikrotik Powerbox Pro Firmware

Mikrotik Ccr1016-12g Firmware

Mikrotik Rb2011uias-in Firmware

Mikrotik Rb2011il-rm Firmware

Mikrotik Hex Poe Firmware

Mikrotik Ccr1009-7g-1c-pc Firmware

Mikrotik Ccr1009-7g-1c-1s\+ Firmware

Mikrotik Ccr1036-8g-2s\+ Firmware

Mikrotik Powerbox Firmware

Mikrotik Ccr1016-12s-1s\+ Firmware

Mikrotik Hex Firmware

Mikrotik Hex Poe Lite Firmware

Mikrotik Ccr1009-7g-1c-1s\+pc Firmware

Mikrotik Hex Lite Firmware

Mikrotik Ccr1036-8g-2s\+em Firmware

Mikrotik Rb3011uias-rm Firmware

Mikrotik Rb2011ils-in Firmware

Mikrotik Rb2011il-in Firmware

Mikrotik Rb1100ahx4 Firmware

Mikrotik Ccr1036-12g-4s-em Firmware

Mikrotik Ccr1072-1g-8s\+ Firmware

Mikrotik Rb2011uias-rm Firmware

Mikrotik Ccr1036-12g-4s Firmware

Reference links

Sign Up for Alerts