Publish Time: 2020-06-16 18:39:57 UTC+8
Last Updated: 2021-07-08 17:10:09 UTC+8
Abstract
A vulnerability allows remote attackers to obtain sensitive information or conduct denial-of-service attack via a susceptible version of Synology Router Manager (SRM) or Media Server.
Affected Products
Product | Severity | Fixed Release Availability |
---|---|---|
DSM 6.2 | Not affected | N/A |
SkyNAS | Not affected | N/A |
VS960HD | Not affected | N/A |
SRM 1.2 | Moderate | Upgrade to 1.2.4-8081 or above. |
Media Server 1.8 | Important | Upgrade to DSM 7.0-41890 or above. |
Audio Station 6 | Not affected | N/A |
Video Station 2 | Not affected | N/A |
Mitigation
If you need immediate assistance, please contact Synology technical support via https://account.synology.com/support.
Detail
CVE-2020-12695 (Media Server 1.8)
CVE-2020-12695 (SRM 1.2)
Reference
Revision
Revision | Date | Description |
---|---|---|
1 | 2020-06-16 | Initial public release. |
2 | 2020-06-18 | Update for SRM 1.2 is now available in Affected Products. |
3 | 2021-06-29 | Update for Media Server 1.8 is now available in Affected Products. |