Security
Headlines
HeadlinesLatestCVEs

Headline

Update VPN Plus Server now! Synology patches vulnerability with a CVSS of 10

Categories: Exploits and vulnerabilities Categories: News Tags: Synology

Tags: VPL Plus Server

Tags: CVE-2022-43931

Tags: out-of-bounds write

Synology has patched a critical vulnerability in the Remote Desktop feature of VPN Plus Server

(Read more…)

The post Update VPN Plus Server now! Synology patches vulnerability with a CVSS of 10 appeared first on Malwarebytes Labs.

Malwarebytes
#vulnerability

Posted: January 4, 2023 by

Synology has issued an advisory about a vulnerability that allows remote attackers to execute arbitrary commands through a susceptible version of Synology VPN Plus Server.

VPN Plus Server

VPN Plus Server allows users to turn their Synology Router into a Virtual Rrivate Network (VPN) server.

A VPN uses encryption to create a secure connection over a public network, such as the Internet. Consumer VPNs create a secure tunnel between a user and their VPN provider, so they can hide their browsing habits from their ISP and use their VPN provider’s IP address to connect to the Internet. Business VPNs create a tunnel between a user and the organization they work for, so they can access business information securely over the Internet.

The Synology VPN Plus Server is a business VPN that allows users to easily access and control client desktops within a network under a Synology Router, from anywhere, as long as they have Internet access, without further need of a client software.

Vulnerability

The Common Vulnerabilities and Exposures (CVE) database is a list of publicly disclosed computer security flaws. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). The vulnerability in VPN Plus Server got listed as CVE-2022-43931.

The vulnerability is described as an out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 which allows remote attackers to execute arbitrary commands via unspecified vectors. The CVSS score of the critical vulnerability is rated at 10 (out of 10).

An out-of-bounds write or read vulnerability makes it possible to manipulate parts of the memory which are allocated to more critical functions. This could allow an attacker to write code to a part of the memory where it will be executed with permissions that the program and user should not have.

The vulnerability was discovered internally by the Synology Product Security Incident Response Team (PSIRT). However, just because the problem wasn’t discovered by criminals, that doesn’t mean they won’t use it. Sometimes patches are reverse engineered by threat actors so they can understand what’s been fixed, create an exploit for it, and use it against unpatched systems.

The affected products are VPN Plus Server for SRM 1.3 which needs to be upgraded to 1.4.4-0635 or above, and VPN Plus Server for SRM 1.2 which needs to be upgraded to 1.4.3-0534 or above.

To upgrade VPN Plus Server, go to Package Center, stop the VPN Plus Server service and install the latest version via Package Center.

As a workaround, you can disable the Remote Desktop feature. To do so, click Synology VPN on the left panel of the management, and go to Remote Desktop, and untick Enable Remote Desktop.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

RELATED ARTICLES

Related news

Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers

Synology has released security updates to address a critical flaw impacting VPN Plus Server that could be exploited to take over affected systems. Tracked as CVE-2022-43931, the vulnerability carries a maximum severity rating of 10 on the CVSS scale and has been described as an out-of-bounds write bug in the remote desktop functionality in Synology VPN Plus Server. Successful exploitation of the

CVE-2022-43931: Synology_SA_22_26 | Synology Inc.

Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors.