Security Alert (A24-12-01): Multiple Vulnerabilities in Synology DiskStation Manager


 

Published on: 02 December 2024

  
  

Description:

Synology has published a security advisory to address multiple vulnerabilities in various versions of DiskStation Manager (DSM). The list of patches can be found at:
https://www.synology.com/en-us/security/advisory/Synology_SA_24_27

 

Affected Systems:

  • Synology DiskStation Manager (DSM) 7.1 versions, 7.2.1 versions prior to 7.2.1-69057-2, and 7.2.2 versions prior to 7.2.2-72806
  • Synology DiskStation Manager Unified Controller (DSMUC) 3.1 versions prior to 3.1.4-23079

For detailed information of the affected systems, please refer to the corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to denial of service, elevation of privilege or information disclosure on an affected system.

 

Recommendation:

System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

Patches for some affected systems are not yet available for download and are scheduled to be released soon after. Affected users should keep abreast of the Synology website for the availability of patches, and apply the patches when available.

 

More Information:

  • https://www.synology.com/en-us/security/advisory/Synology_SA_24_27


Tag: Synology , DSM , DSMUC
Tags