MikroTik RouterOS Memory Corruption Vulnerability in SMB Service Leading to Remote Denial-of-Service

Vulnerability

A memory corruption vulnerability has been identified in the SMB service of MikroTik RouterOS version 6.40.5. Remote, unauthenticated attackers can trigger a null pointer dereference by sending specially crafted packets. The result is a remote denial-of-service condition that makes the SMB service unavailable.

Impact

Exploitation of this vulnerability causes a remote denial-of-service condition, disrupting the availability of the SMB service.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.5
exploitability: 7.0
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.