Synology, a Taiwanese manufacturer of network-attached storage devices, has found a major security issue in its routers set up as virtual private network (VPN) servers. This vulnerability, designated as CVE-2022-43931, was identified by Synology’s internal Product Security Incident Response Team (PSIRT). It carries the highest possible severity rating of 10 out of 10. VPN Plus Server is a software package that allows administrators to use Synology routers as VPN servers. The flaw undermines the security of the resources exposed for remote access and allows unauthorized access to sensitive information. Synology has released a patch to fix this issue. Users should update their routers as soon as possible to protect against potential security risks and vulnerabilities.

A Taiwanese company that manufactures network-attached storage devices has found a major security issue in its routers set up as virtual private network (VPN) servers.

What could be the potential effects of this vulnerability for Synology?

This means that attackers can exploit the flaw without holding special permissions or prior access to the routers, and without requiring users to take any action. Exploitation needs minimal effort and resources and does not require specific knowledge or skills. This makes it a significant threat: it is an easy target for anyone with the motivation to exploit it.

On Friday, Synology released a security advisory disclosing a vulnerability in affected versions of its VPN Plus Server.

Consequences of the Vulnerability

An out-of-bounds write vulnerability is a type of security flaw that allows attackers to write data beyond the intended boundaries of a memory buffer. In the case of the Remote Desktop functionality in Synology VPN Plus Server, this vulnerability could be exploited to execute arbitrary commands. Consequences of this class of bug include data corruption, system crashes, and code execution following memory corruption. Synology has released security updates that fix the vulnerability. Customers should upgrade to the latest version of VPN Plus Server for SRM (Synology Router Manager). Keeping software and systems up to date is important for protecting against such vulnerabilities and the attacks that follow from them.

“Synology released a critical advisory warning the previous month and announced that it had fixed various security vulnerabilities.”

The Synology Router Manager (SRM) had multiple vulnerabilities that could allow remote attackers to carry out various malicious actions, including executing arbitrary commands, conducting denial-of-service attacks, or reading arbitrary files. These came to light during the Pwn2Own Toronto 2022 hacking contest, which attracted multiple researchers and teams who reported and demonstrated various security vulnerabilities in the Synology RT6600ax router.

The specific vulnerabilities were not identified by their CVE IDs. At least two were severe enough for researchers to successfully demonstrate zero-day exploits during the contest. Gaurav Baruah successfully executed a command injection attack on the WAN interface of the Synology RT6600ax, earning a prize of $20,000 for his efforts. The team from Computest also demonstrated a command injection root shell exploit targeting the LAN interface of the same router. Both were later acknowledged in a critical advisory published by Synology in December.