CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-39349

CVSS 9.8v3.1pub. 2024-06-28upd. 2025-04-10

A vulnerability regarding buffer copy without checking size of input ('Classic Buffer Overflow') is found in the libjansson component and it does not affect the upstream library. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500.

🤖 AI Analysis
How it works

The vulnerability consists of copying data to a buffer without verifying the input data size (Classic Buffer Overflow, CWE-120) in a local modification of the libjansson component — the manufacturer notes that the vulnerability does not exist in the upstream library. A remote attacker, without authentication and without user interaction, can send crafted data over the network, causing buffer overflow. As a result, it is possible to hijack control over the process execution flow and execute arbitrary code.

Impact

An attacker can remotely execute arbitrary code on the vulnerable device (RCE), which in practice means the possibility of complete camera takeover, violation of image confidentiality, system integrity compromise, and device availability disruption.

Mitigation & patch

Synology BC500 and TC500 camera firmware should be updated to version 1.0.7-0298 or later, in accordance with the manufacturer's recommendations published in the Synology_SA_23_15 bulletin available on the Synology website.

Who is affected

Synology BC500 and TC500 cameras with Synology Camera firmware versions earlier than 1.0.7-0298.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Synology Bc500

    HW
    Synology
    wszystkie wersje
  • Synology Bc500 Firmware

    OS
    Synology
    < 1.0.7-0298
  • Synology Tc500

    HW
    Synology
    wszystkie wersje
  • Synology Tc500 Firmware

    OS
    Synology
    < 1.0.7-0298
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-11131CRITICAL9.8PL ✓ten sam produkt

Out-of-bounds read w firmware kamer Synology umożliwia RCE

CVE-2023-5746CRITICAL9.8ten sam produkt

A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allow...

CVE-2023-47802HIGH7.2ten sam produkt

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injec...

CVE-2024-39350HIGH7.5ten sam produkt

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows ma...

CVE-2024-39351HIGH7.2ten sam produkt

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injec...