Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Some Synology products impacted by recently disclosed OpenSSL flaws

Taiwan vendor Synology announced that recently disclosed vulnerabilities (CVE-2021-3711 and CVE-2021-3712) in the OpenSSL impact some of its products. Taiwanese company Synology revealed that the recently disclosed remote code execution (RCE) and denial-of-service (DoS) OpenSSL vulnerabilities (CVE-2021-3711 and CVE-2021-3712) impact some of its products. “Multiple vulnerabilities allow remote attackers to conduct denial-of-service attack or possibly execute arbitrary code via […]

Synology DiskStation Manager

Taiwan vendor Synology announced that recently disclosed vulnerabilities (CVE-2021-3711 and CVE-2021-3712) in the OpenSSL impact some of its products.

Taiwanese company Synology revealed that the recently disclosed remote code execution (RCE) and denial-of-service (DoS) OpenSSL vulnerabilities (CVE-2021-3711 and CVE-2021-3712) impact some of its products.

“Multiple vulnerabilities allow remote attackers to conduct denial-of-service attack or possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), VPN Plus Server or VPN Server.” reads the advisory published by the company.

The affected Synology products are:

ProductSeverityFixed Release Availability
DSM 7.0ImportantOngoing
DSM 6.2ModerateOngoing
DSM UCModerateOngoing
SkyNASModeratePending
VS960HDModeratePending
SRM 1.2ModerateOngoing
VPN Plus ServerImportantOngoing
VPN ServerModerateOngoing

The CVE-2021-3711 is a high-severity buffer overflow flaw that could allow an attacker to change an application’s behavior or cause the app to crash. The vulnerability ties the decryption of SM2 encrypted data, the changes depend on the targeted application and data it maintains (i.e. credentials) in the heap while the issue is exploited.

The CVE-2021-3712 is a medium-severity vulnerability that can be exploited by attackers to trigger a denial-of-service (DoS) condition. The flaw could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext).

Synology is expected to address both flaws with security updates, but it does not provide an estimated timeline for their release. Synology is not aware of attacks in the wild exploiting the above vulnerabilities.

Recently the vendor also published another advisory to warn of vulnerabilities in DiskStation Manager.

“Multiple vulnerabilities allow remote authenticated users to execute arbitrary commands, or remote attackers to write arbitrary files via a susceptible version of DiskStation Manager (DSM).” reads the advisory published by the company.

Below is the list of affected products:

ProductSeverityFixed Release Availability
DSM 7.0ImportantOngoing
DSM 6.2ImportantUpgrade to 6.2.4-25556-2 or above.
DSM UCModeratePending
SkyNASImportantPending
VS960HDModeratePending

Early this month, the company PSIRT warned customers that the StealthWorker botnet is conducting brute-force attacks in an attempt to implant ransomware. Once compromised the device, threat actors employed it in a botnet used in attacks aimed at Linux systems, including Synology NAS.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, OpenSSL)

[adrotate banner=”5″]

[adrotate banner=”13″]