Critical vulnerability found in MikroTik routers. 900,000 devices under attack

Information security experts from VulnCheck discovered critical vulnerability in MikroTik devices. It puts more than 900,000 routers at risk, the owners of which ignored the update of the RouterOS operating system.

Routers with older firmware lack basic protection against banal password guessing. After all, the old OS does not impose any requirements on them, so users often choose the most banal combinations.

The vulnerability, designated CVE-2023-30799, allows the privileges of the administrator account to be elevated to superadmin, which gives full access to the system. This allows attackers to remotely make significant changes to the underlying OS and hide their actions from detection.

Fortunately, the developers have already released patches that close the gap in the system. MikroTik owners just need to update RouterOS to the latest version.