Synology Security Advisory 23:02 Sudo
Vulnerability allows local users to conduct privilege escalation attacks via susceptible version of DSM and SRM.
This is a Press Release edited by StorageNewsletter.com on October 19, 2023 at 2:00 pmSynology, Inc. had published a security advisory concerning a vulnerability in DiskStation Manager (DSM) NAS OS and Synology Router Manager (SRM).
Publish time: 2023-03-30 16:17:07 UTC+8
Last updated: 2023-10-04 18:16:36 UTC+8
Severity: Low
Status: Accepted
Abstract
A vulnerability allows local users to conduct privilege escalation attacks via a susceptible version of DSM and SRM.
Affected products
|
Product |
Severity |
Fixed release availability |
|---|---|---|
|
DSM 7.1 |
Low |
Upgrade to 7.2.1-69057 or above |
|
DSM 7.0 |
Low |
Will not fix |
|
DSM 6.2 |
Low |
Will not fix |
|
DSMUC 3.1 |
Low |
Will not fix |
|
SRM 1.3 |
Low |
Will not fix |
|
SRM 1.2 |
Not affected |
N/A |
|
VS Firmware 3.0 |
Low |
Will not fix |
Mitigation : None
Detail
-
CVE-2023-22809
-
Severity: Low
-
CVSS3 Base Score: 6.7
-
CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
-
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a “–” argument that defeats a protection mechanism, e.g., an EDITOR=’vim — /path/to/extra/file’ value.
-
Reference
Revision
|
Revision |
Date |
Description |
|---|---|---|
|
1 |
2023-03-30 |
Initial public release |
|
2 |
2023-09-26 |
Update for DSM 7.1 is now available in affected products |
Subscribe to our free daily newsletter
