Community discussions

MikroTik App
  4. RouterOS
  5. Forwarding Protocols

BGP implementation affected by CVE-2022-40302, CVE-2022-40302 or CVE-2022-43681?

Post Reply
 
bbs2web
Member Candidate
Member Candidate
Topic Author
Posts: 232
Joined: Sun Apr 22, 2012 6:25 pm
Location: Johannesburg, South Africa
Contact:
Contact bbs2web

BGP implementation affected by CVE-2022-40302, CVE-2022-40302 or CVE-2022-43681?

Wed May 03, 2023 7:39 am

The CVEs referenced in the subject line have been publicised and the article specifically mentions RouterOS. Obliviously hoping that Mikrotik's BGP implementation isn't affected, could someone at Mikrotik comment?

https://thehackernews.com/2023/05/resea ... ws-in.html

Report by Forescout appears to indicate that the vulnerability only affects Quagga and FRR:
https://www.forescout.com/blog/three-ne ... -software/
Top
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 3005
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:
Contact chechito

Re: BGP implementation affected by CVE-2022-40302, CVE-2022-40302 or CVE-2022-43681?

Wed May 03, 2023 5:19 pm

i think is an interesting topic

and a reminder to secure control plane in our Routers
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 11 guests
  4. RouterOS
  5. Forwarding Protocols