Synology NAS Patch Required - MitM Vulnerability
This may require a manual install, as the patching for this may not auto-run.
A vulnerability allows man-in-the-middle attackers to hijack the authentication of administrators.
The vulnerability reported by PWN2OWN 2024 (ZDI-CAN-25487) has been addressed.
What’s the exposure surface of this if I have remote access disabled?
Probably none. This is a MITM attack, so they need to be between you and the device. Usually that's done by being on the local network, though it could also be someone who has compromised your router/firewall appliance.
Of course, you should never expose services like this to the Internet. If you need remote access, use a VPN.
Just got the update. Good timing, because over the last week, I've had DOZENS upon DOZENS of IP addresses auto-blocked.
Before that, the last blocked IP address was like in September, so someone/something is probing.
I have a watt meter monitoring the power usage of my NAS. Out of all my checks, I assume that's how I'm going to know I get hacked before anything else.
Update came through this morning. 7.2.2-72806 Update 3.
Anybody know if this effects 6.2.4?
According to this, 6.2.4.x is not affected.
