What are you looking for ?

Home » Systems (RAID, NAS, SAN) » Synology Security Advisory SA-25:01 on Resolved Vulnerability in DSM (PWN2OWN 2024)

Synology Security Advisory SA-25:01 on Resolved Vulnerability in DSM (PWN2OWN 2024)

Vulnerability allows man-in-the-middle attackers to hijack authentication of administrators.

This is a Press Release edited by StorageNewsletter.com on February 10, 2025 at 2:00 pm

Synology, Inc. had published a security advisory on resolved vulnerability in DSM NAS OS.

Publish Time: 2025-02-04 18:44:22 UTC+8
Last Updated: 2025-02-04 18:44:22 UTC+8
Severity: Moderate
Status: Ongoing

Abstract
A vulnerability allows man-in-the-middle attackers to hijack the authentication of administrators.

The vulnerability reported by PWN2OWN 2024 (ZDI-CAN-25487) has been addressed.

Affected Products:

Mitigation: None

Detail: Reserved

Acknowledgement: Chris Anastasio (@mufinnnnnnn) and Fabius Watson (@FabiusArtrel)

Revision;

Revision	Date	Description
1	2025-02-04	Initial public release.