CVE-2024-39349 (CVSS 9.8): Critical Vulnerability in Synology Surveillance Cameras

Recently, Synology, a leading network-attached storage (NAS) and surveillance solution provider, has updated its security advisory to detail multiple vulnerabilities in its BC500 and TC500 camera models. These vulnerabilities, discovered during the PWN2OWN 2023 hacking competition, ranged in severity from “Moderate” to “Critical” and could have allowed remote attackers to execute code, bypass security restrictions, or obtain sensitive information.

• CVE-2024-39349 (CVSS 9.8): A vulnerability in the libjansson component allows remote attackers to execute arbitrary code via unspecified vectors.
• CVE-2023-47802 (CVSS 7.2): Improper neutralization of special elements in the IP block functionality allows remote authenticated users with administrator privileges to execute arbitrary commands.
• CVE-2024-39350 (CVSS 7.5): A vulnerability in the RTSP functionality allows man-in-the-middle attackers to obtain privileges without consent.
• CVE-2024-39351 (CVSS 7.2): Improper neutralization of special elements in the NTP configuration allows remote authenticated users with administrator privileges to execute arbitrary commands.
• CVE-2023-47803 (CVSS 5.3): Improper limitation of a pathname to a restricted directory in the Language Settings functionality allows remote attackers to read specific files containing non-sensitive information.
• CVE-2024-39352 (CVSS 4.9): Incorrect authorization in the firmware upgrade functionality allows remote authenticated users with administrator privileges to bypass firmware integrity checks.

Synology has promptly addressed these vulnerabilities in firmware version 1.0.7-0298 and above. All users of the affected camera models are strongly advised to update their firmware immediately to protect their surveillance systems from potential compromise. For more information and support, users can visit the Synology support page.