Synology has released a patch for a critical vulnerability (CVE-2022-43931) in their VPN Plus Server product, discovered by their internal Product Security Incident Response Team (PSIRT). PSIRT marked this vulnerability with a CVSS3 score of 10, the highest possible severity rating. The vulnerability achieved this rating due to the low level of complexity required to exploit it.
The VPN Plus Server vulnerability is described by NIST as an “Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors.” The vulnerable product version and patched version numbers are as follows:
|Product||Fixed Release Availability|
|VPN Plus Server for SRM 1.3||Upgrade to 1.4.4-0635 or above|
|VPN Plus Server for SRM 1.2||Upgrade to 1.4.3-0534 or above|