CVE-2023-5746: Critical Flaw Detected in Synology BC500 and TC500 Cameras

CVE-2023-5746
Image Credit: Synology

Synology Camera BC500 and TC500 devices are popular security cameras used by businesses and homes alike. However, a recently discovered vulnerability in these devices could allow attackers to remotely execute arbitrary code on the system.

A critical severity vulnerability, labeled as CVE-2023-5746, has been unearthed in Synology Camera models BC500 and TC500. With a chilling CVSS score of 9.8 out of 10, this flaw is not one to be overlooked.

Image Credit: Synology

At its core, the vulnerability is rooted in improper input validation. By exploiting this weakness, malicious actors can remotely execute arbitrary code on the system. This is achieved by sending a specially crafted request using an externally-controlled format string. In simpler terms, attackers could potentially take control of your camera system by capitalizing on this flaw.

The primary cause for concern lies in the cgi component of these cameras, where the vulnerability is specifically located. The use of an externally controlled format string within this component is the crux of the issue, permitting remote attackers to commandeer devices via unspecified vectors.

Importantly, users need to be aware that Synology Camera Firmware versions before 1.0.5-0185 on BC500 and TC500 models are especially susceptible.

CVE-2023-5746 is a critical vulnerability, as it could allow attackers to take complete control of affected devices. Once an attacker has control of a device, they could use it to spy on the device’s owner, steal data, or even launch attacks against other devices on the network.

Synology has released a firmware update to patch this vulnerability. All users of Synology Camera BC500 and TC500 devices are urged to update to the latest firmware as soon as possible.

As a primary mitigation strategy, users are urged to set up firewall rules that permit only trusted clients to connect. By doing so, they can limit potential attack vectors, providing a protective buffer until a more permanent solution is rolled out.

If you think your Synology Camera BC500 or TC500 device may have been compromised, you should immediately take the following steps:

  1. Isolate the device from your network. This will prevent the attacker from spreading the infection to other devices on your network.
  2. Change the password for your device. This will prevent the attacker from accessing your device again.
  3. Scan your device for malware. There are a number of free and commercial anti-malware programs available that can scan your device for malware.