Vulnerabilities > CVE-2020-20252 - NULL Pointer Dereference vulnerability in Mikrotik Routeros

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
mikrotik
CWE-476

Summary

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

Vulnerable Configurations

Part Description Count
OS
Mikrotik
615

Common Weakness Enumeration (CWE)