Jan 04, 2023 | Ravie Lakshmanan | VPN / Server Security

Critical RCE Vulnerability

Synology has released security updates to address a critical
flaw impacting VPN Plus Server that could be exploited to take over
affected systems.

Tracked as CVE-2022-43931[1], the vulnerability
carries a maximum severity rating of 10 on the CVSS scale and has
been described as an out-of-bounds write bug in the remote desktop
functionality in Synology VPN Plus Server.

Successful exploitation of the issue “allows remote attackers to
execute arbitrary commands via unspecified vectors,” the Taiwanese
company said[2], adding it was
internally discovered by its Product Security Incident Response
Team (PSIRT).


Users of VPN Plus Server for Synology Router Manager (SRM) 1.2
and VPN Plus Server for SRM 1.3 are advised to update to versions
1.4.3-0534 and 1.4.4-0635, respectively.

The network-attached storage appliance maker, in a second
advisory, also warned[3]
of several flaws in SRM that could permit remote attackers to
execute arbitrary commands, conduct denial-of-service attacks, or
read arbitrary files.

Exact details about the vulnerabilities have been withheld, with
the users urged to upgrade to versions 1.2.5-8227-6 and
1.3.1-9346-3 to mitigate potential threats.
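The two advisories above fix different components and, for VPN Plus Server, the fixed build depends on which SRM branch the router runs (1.4.3-0534 on SRM 1.2, 1.4.4-0635 on SRM 1.3), so a naive "is my version the highest number" check gets the answer wrong. The following is an added example, not code from the article or from Synology: it parses Synology-style version strings ("major.minor.patch-build[-hotfix]") into integer tuples, works out the SRM branch, and flags each device in a constructed inventory that is still below the fixed build for its branch. The device names and the inventory format are assumptions for illustration; the version thresholds are the ones quoted above.

```python
# Added example (not from the article or from Synology): flag routers in an
# inventory that are still below the fixed builds named in the two advisories.
import re
from typing import Dict, List, Tuple

# Fixed versions quoted in the advisories, keyed by SRM branch.
FIXED_VPN_PLUS = {"1.2": "1.4.3-0534", "1.3": "1.4.4-0635"}
FIXED_SRM = {"1.2": "1.2.5-8227-6", "1.3": "1.3.1-9346-3"}


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '1.2.5-8227-6' into (1, 2, 5, 8227, 6) so tuples compare numerically.

    Leading zeros in the build number ('0534') are dropped by int(), which is
    what we want: '0534' and '534' denote the same build.
    """
    if not re.fullmatch(r"\d+(?:[.-]\d+)*", v):
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(p) for p in re.split(r"[.-]", v))


def srm_branch(srm_version: str) -> str:
    """'1.3.1-9346-3' -> '1.3'; the fixed VPN Plus build differs per branch."""
    major, minor = parse_version(srm_version)[:2]
    return f"{major}.{minor}"


def is_below(installed: str, fixed: str) -> bool:
    """Lexicographic tuple comparison: a build without a hotfix suffix
    ('1.2.5-8227') sorts below the same build with one ('1.2.5-8227-6')."""
    return parse_version(installed) < parse_version(fixed)


def check_device(device: Dict[str, str]) -> List[str]:
    """Return findings for one device; an empty list means both advisories are satisfied."""
    findings: List[str] = []
    branch = srm_branch(device["srm"])
    if branch not in FIXED_SRM:
        return [f"{device['name']}: SRM branch {branch} is not covered by these advisories"]
    if is_below(device["srm"], FIXED_SRM[branch]):
        findings.append(f"{device['name']}: SRM {device['srm']} < {FIXED_SRM[branch]}")
    vpn = device.get("vpn_plus")  # package may not be installed at all
    if vpn and is_below(vpn, FIXED_VPN_PLUS[branch]):
        findings.append(
            f"{device['name']}: VPN Plus Server {vpn} < {FIXED_VPN_PLUS[branch]} (CVE-2022-43931)"
        )
    return findings


# Constructed sample inventory (hypothetical device names; the version values
# are chosen to exercise the per-branch logic).
INVENTORY = [
    {"name": "router-a", "srm": "1.3.1-9346-3", "vpn_plus": "1.4.4-0635"},  # fully patched
    {"name": "router-b", "srm": "1.2.5-8227", "vpn_plus": "1.4.3-0534"},    # SRM hotfix missing
    {"name": "router-c", "srm": "1.3.1-9346-1", "vpn_plus": "1.4.3-0534"},  # both components old
]


def audit(inventory: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """Map each device name to its list of findings."""
    return {d["name"]: check_device(d) for d in inventory}


if __name__ == "__main__":
    for name, findings in audit(INVENTORY).items():
        print(name, "OK" if not findings else findings)
```

Note that router-c is running VPN Plus Server 1.4.3-0534, which is the fixed build on SRM 1.2 but is still vulnerable on SRM 1.3, so the checker reports it; comparing against the highest version alone would have missed that. How you populate the inventory (SRM's web UI, a configuration management export, or a manual sheet) is outside what the advisories describe.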

Gaurav Baruah, CrowdStrike’s Lukas Kupczyk, DEVCORE researcher
Orange Tsai, and Netherlands-based IT security firm Computest have
been credited for reporting the weaknesses.

It’s worth noting that some of the vulnerabilities[4] were demonstrated at the
2022 Pwn2Own contest held in Toronto between December 6 and 9, 2022.

Baruah earned $20,000 for a command injection attack against the
WAN interface of the Synology RT6600ax, while Computest netted
$5,000 for a command injection root shell exploit aimed at its LAN
interface.


References

  1. CVE-2022-43931 (nvd.nist.gov)
  2. said (www.synology.com)
  3. warned (www.synology.com)
  4. some of the vulnerabilities (www.zerodayinitiative.com)
  5. Twitter (twitter.com)
  6. LinkedIn (www.linkedin.com)
