Synology tells NAS device users to patch immediately following zero-day reveal

0
10


  • Synology has patched a zero-click flaw found in multiple NAS products
  • This type of flaw can be exploited with no victim interaction, making it particularly dangerous
  • Technical details were not disclosed to give customers time to react

Top network-attached storage (NAS) makers Synology has patched a critical severity vulnerability which could have allowed threat actors to remotely execute malicious code on affected endpoints.

The vulnerability is tracked as CVE-2024-10443, and was found in DiskStation and BeePhotos. It was showcased during the recent Pwn2Own Ireland 2024 hackathon, where it was described as a zero-click flaw, and dubbed RISK:STATION.

LEAVE A REPLY

Please enter your comment!
Please enter your name here