CVE-2021-41987 — HIGH (8.1)

Vulnerability Description

In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Mikrotik	Routeros	6.46.8

Related Weaknesses (CWE)

CWE-787

References

https://mikrotik.com/download/archiveRelease NotesVendor Advisory
https://teamt5.org/en/posts/vulnerability-mikrotik-cve-2021-41987/ExploitThird Party Advisory
https://mikrotik.com/download/archiveRelease NotesVendor Advisory
https://teamt5.org/en/posts/vulnerability-mikrotik-cve-2021-41987/ExploitThird Party Advisory

FAQ

What is CVE-2021-41987?

CVE-2021-41987 is a vulnerability with a CVSS score of 8.1 (HIGH). In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value...

How severe is CVE-2021-41987?

CVE-2021-41987 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-41987?

Check the references section above for vendor advisories and patch information. Affected products include: Mikrotik Routeros.