Synology-SA-23:15 Synology Camera (PWN2OWN 2023)
Publish Time: 2023-11-20 17:47:11 UTC+8
Last Updated: 2023-11-20 17:53:36 UTC+8
- Severity
- Critical
- Status
- Resolved
Abstract
The vulnerabilities allow remote attackers to execute arbitrary code and remote users to bypass security constraints via a susceptible version of Synology Camera BC500 Firmware and Synology Camera TC500 Firmware.
The vulnerabilities reported by PWN2OWN 2023 have been addressed.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| BC500 | Critical | Upgrade to 1.0.7-0298 or above. |
| TC500 | Critical | Upgrade to 1.0.7-0298 or above. |
Mitigation
None
Detail
Reserved
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2023-11-20 | Initial public release. |