SSH Daemon Denial of Service Vulnerability in MikroTik Routers
CVE-2020-10364
7.5 HIGH
Key Information: Exploit Exists, Public PoC
What is CVE-2020-10364?
The SSH daemon in MikroTik routers, in versions up to v6.44.3, is affected by uncontrolled resource management that remote attackers can exploit. By issuing specific connect and write system calls, attackers can generate excessive CPU activity on the affected device. This can cause the device to refuse new authorized connections and may result in a complete system reboot. Vulnerabilities of this kind are a significant concern for device availability and underline the importance of keeping firmware up to date.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
