Clarification on Report about Router Security
Taipei, Taiwan—December 14, 2021—In response to a report created by IoT Inspector, Synology has confirmed that none of the potential threats identified pose a severe or immediate threat to the security of Synology Routers.
"Synology is constantly monitoring and tracking relevant CVEs for our products, taking into account open-source projects and the dependencies they may have," said Kuei-Huan Chen, Senior Manager for Networking, Security, and Infrastructure at Synology. "Our PSIRT [Product Security Incident Response Team] task force has analyzed all items in the report and concluded that none of them are of immediate concern."
"The report primarily identifies potential vulnerabilities based on the version numbers of components in our software using an automated analysis tool," Chen added. "It does not take into account any mitigating measures or patch backports to secure these components and says little about whether these potential vulnerabilities are actually exploitable."
For more information, Synology has compiled a detailed rundown on the reported items.
For security inquiries, you can contact the Synology Security Team.
Synology creates network-attached storage, IP surveillance solutions, and network equipment that transform the way users manage data, conduct surveillance, and manage networks in the cloud era. By taking full advantage of the latest technologies, Synology helps users centralize data storage and backup, share files on-the-go, implement professional surveillance solutions, and manage networks in reliable and affordable ways. Synology is committed to delivering products with forward-thinking features and best-in-class customer services.