Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-27652: Synology_SA_20_18 | Synology Inc.

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.

CVE
#vulnerability#auth

Abstract

Multiple vulnerabilities allow remote attackers to conduct man-in-the-middle attacks via a susceptible version of Synology DiskStation Manager (DSM).

Affected Products

Product

Severity

Fixed Release Availability

DSM 6.2

Important

Upgrade to 6.2.3-25426-2 or above.

DSM UC 3.0

Not affected

N/A

SkyNAS

Important

Upgrade to 6.2.3-25426 or above.

VS960HD

Not affected

N/A

Mitigation

None

Detail

  • CVE-2020-27648

    • Severity: Moderate
    • CVSS3 Base Score: 8.3
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
    • Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
  • CVE-2020-27650

    • Severity: Moderate
    • CVSS3 Base Score: 5.8
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
    • Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.
  • CVE-2020-27652

    • Severity: Moderate
    • CVSS3 Base Score: 8.3
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
    • Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
  • CVE-2020-27656

    • Severity: Moderate
    • CVSS3 Base Score: 6.5
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
    • Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.

Revision

Revision

Date

Description

1

2020-07-16

Initial public release.

2

2020-10-15

Update for SkyNAS is now available in Affected Products.

3

2020-10-29

Disclosed vulnerability details.

Related news

The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter

Given the privileged position these devices occupy on the networks they serve, they are prime targets for attackers, so their security posture is of paramount importance.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907