Researchers recently discovered a cybersecurity vulnerability in an OS used by companies like NASA, Vodafone, and Ericsson.
This cybersecurity vulnerability is a buffer overflow, that was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Server Message Block (SMB) is a protocol for sharing files, printers, serial ports and communications abstractions such as named pipes and mail slots between computers.
MikroTik is a company that provides hardware and software for Internet connectivity in most of the countries around the world. RouterOS is MikroTik’s operating system based on Linux v3.3.5 kernel. The most significant cybersecurity problem here is that this OS is used by Vodafone, Ericsson, and NASA, and has over 500 distributors and resellers in 145 countries.
Any remote attackers with access to the service can exploit the vulnerability and then run code execution on the system. This cybersecurity problem affects all architectures and all devices running RouterOS before versions 6.41.3/6.42rc27.
Researchers found out that the overflow occurs in the function in charge of parsing NetBIOS names because no validation is done to ensure that the data fits on the destination buffer.
Compromising company’s OSs and their computer networks represent the most destructive cyber attacks that can be done to a company. This is why every company and an individual user must protect their devices with the latest and best cybersecurity solution.
For an individual user, the best cybersecurity solution comes in the form of an antivirus for Windows or antivirus for Mac depending on which OS their device is running. For companies, this step represents only the first layer of cybersecurity, to obtain the best cybersecurity measure every company must hire a cybersecurity firm that will attack purpose company’s network to reveal the most destructive and dangerous flaws. This kind of deliberate attacks is done through specialized cybersecurity tests like penetration test and ethical hacking tests.