Synology Security Advisory SA-25:07 on Resolved Vunerability on SMB Service
Vulnerability allows remote authenticated users to write to limited files via Server Message Block (SMB) service
This is a Press Release edited by StorageNewsletter.com on June 2, 2025 at 2:00 pmSynology, Inc. had published a security advisory concerning Server Message Block (SMB) service for its NAS.
Publish Time: 2025-05-29 16:40:13 UTC+8
Last Updated: 2025-05-29 16:40:43 UTC+8
Severity: Moderate
Status: Resolved
Abstract
A vulnerability allows remote authenticated users to write to limited files via Server Message Block (SMB) service.
Affected Products
|
Product |
Severity |
Fixed Release Availability |
|---|---|---|
|
APM 1.0 |
Not affected |
N/A |
|
BeeStation OS 1.3 |
Moderate |
Ongoing |
|
SRM 1.3 |
Moderate |
Ongoing |
|
SMB Service for DSM 7.2 |
Moderate |
Upgrade to 4.15.13-2502 or above. |
|
SMB Service for DSM 7.1 |
Moderate |
Upgrade to 4.15.9-0644 or above. |
Mitigation: None
Detail
- CVE-2025-5293
- Severity: Moderate
- CVSS3 Base Score: 4.3
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
- ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Acknowledgement: David Oxley
Revision
|
Revision |
Date |
Description |
|---|---|---|
|
1 |
2025-05-29 |
Initial public release. |
Share this news :
Subscribe to our free daily newsletter
