What are you looking for ?
Advertise with us
RAIDON

Synology Security Advisories SA-24:10 Drive Client and SA-24:11 Active Backup for Business Agent

Concerning resolved vulnerabilities in Synology Drive Client and Active Backup for Business Agent apps

Synology, Inc. had published 2 security advisories concerning Apps for DSM NAS OS.

Synology-SA-24:10 Synology Drive Client

Publish Time: 2024-09-26 11:30:21 UTC+8
Last Updated: 2024-09-26 11:35:49 UTC+8
Severity: Important
Status: Resolved

Abstract
Multiple vulnerabilities allow remote attackers to conduct denial-of-service attacks, remote authenticated users to obtain sensitive information, local users to execute arbitary commands, local users with administrator privileges to execute arbitary commands, and local users with administrator privileges to conduct denial-of-service attacks via a susceptible version of Synology Drive Client.

Affected Products:

Product

Severity

Fixed release availability

Synology Drive Client

Important

Upgrade to 3.5.0-16084 or above.

Mitigation: None

Detail:

  • CVE-2023-52946

    • Severity: Important
    • CVSS3 Base Score: 8.2
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
    • Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.
  • CVE-2022-49038
    • Severity: Important
    • CVSS3 Base Score: 7.8
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    • Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.
  • CVE-2022-49037
    • Severity: Moderate
    • CVSS3 Base Score: 6.5
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    • Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information via unspecified vectors.
  • CVE-2022-49039
    • Severity: Low
    • CVSS3 Base Score: 6.7
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
    • Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors.
  • CVE-2022-49040
    • Severity: Low
    • CVSS3 Base Score: 4.4
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
    • Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.
  • CVE-2022-49041
    • Severity: Low
    • CVSS3 Base Score: 4.4
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
    • Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.

Acknowledgement: Zhao Runzi (赵润梓)

Reference:

Revision:

Revision

Date

Description

1

2024-09-26

Initial PR

2

2024-09-26

Disclosed vulnerability details.

 

Synology-SA-24:11 Synology Active Backup for Business Agent

Publish Time: 2024-09-26 11:39:39 UTC+8
Last Updated: 2024-09-26 11:44:10 UTC+8
Severity: Moderate
Status: Resolved

Abstract
Multiple vulnerabilities allow adjacent man-in-the-middle attackers to obtain user credential, local users to conduct denial-of-service attacks, and local users to obtain user credential via a susceptible version of Synology Active Backup for Business Agent.

Affected Products:

Product

Severity

Fixed release availability

Synology Active Backup for Business Agent

Moderate

Upgrade to 2.7.0-3221 or above

Mitigation: None

Detail:

  • CVE-2023-52947
    • Severity: Moderate
    • CVSS3 Base Score: 4.0
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
    • Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout.
  • CVE-2023-52948
    • Severity: Moderate
    • CVSS3 Base Score: 5.0
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
    • Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
  • CVE-2023-52949
    • Severity: Moderate
    • CVSS3 Base Score: 5.5
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    • Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
  • CVE-2023-52950
    • Severity: Moderate
    • CVSS3 Base Score: 5.3
    • CVSS3 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
    • Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors.

Acknowledgement: Zhao Runzi (赵润梓)

Reference:

Revision:

Revision

Date

Description

1

2024-09-26

Initial PR

2

2024-09-26

Disclosed vulnerability details

 

Articles_bottom
ExaGrid
AIC
ATTOtarget="_blank"
OPEN-E