Synology-SA-24:10 Synology Drive Client

Publish Time: 2024-09-26 11:30:21 UTC+8

Last Updated: 2024-09-26 11:35:49 UTC+8

Severity
Important
Status
Resolved

Abstract

Multiple vulnerabilities allow remote attackers to conduct denial-of-service attacks, remote authenticated users to obtain sensitive information, local users to execute arbitary commands, local users with administrator privileges to execute arbitary commands, and local users with administrator privileges to conduct denial-of-service attacks via a susceptible version of Synology Drive Client.

Affected Products

Product Severity Fixed Release Availability
Synology Drive Client Important Upgrade to 3.5.0-16084 or above.

Mitigation

None

Detail

  • CVE-2023-52946

    • Severity: Important
    • CVSS3 Base Score: 8.2
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
    • Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.

  • CVE-2022-49038

    • Severity: Important
    • CVSS3 Base Score: 7.8
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    • Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.

  • CVE-2022-49037

    • Severity: Moderate
    • CVSS3 Base Score: 6.5
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    • Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information via unspecified vectors.

  • CVE-2022-49039

    • Severity: Low
    • CVSS3 Base Score: 6.7
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
    • Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors.

  • CVE-2022-49040

    • Severity: Low
    • CVSS3 Base Score: 4.4
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
    • Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.

  • CVE-2022-49041

    • Severity: Low
    • CVSS3 Base Score: 4.4
    • CVSS3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
    • Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.

Acknowledgement

Zhao Runzi (赵润梓)

Reference

Revision

Revision Date Description
1 2024-09-26 Initial public release.
2 2024-09-26 Disclosed vulnerability details.