Synology-SA-20:13 CallStranger

Publish Time: 2020-06-16 18:39:57 UTC+8

Last Updated: 2020-06-18 15:34:29 UTC+8

Severity: Important

Status: Ongoing

Abstract

A vulnerability allows remote attackers to obtain sensitive information or conduct a denial-of-service attack via a susceptible version of Synology Router Manager (SRM) or Media Server.

Affected Products

Product           Severity       Fixed Release Availability
DSM 6.2           Not affected   N/A
SkyNAS            Not affected   N/A
VS960HD           Not affected   N/A
SRM 1.2           Moderate       Upgrade to 1.2.4-8081 or above.
Media Server 1.8  Important      Ongoing
Audio Station 6   Not affected   N/A
Video Station 2   Not affected   N/A

Mitigation

If you need immediate assistance, please contact Synology technical support via https://account.synology.com/support.

Detail

  • CVE-2020-12695 (Media Server 1.8)

    • Severity: Important
    • CVSS3 Base Score: 7.2
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
    • The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
  • CVE-2020-12695 (SRM 1.2)

    • Severity: Moderate
    • CVSS3 Base Score: 6.1
    • CVSS3 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
    • The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
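The CallStranger issue described above stems from a UPnP device accepting a SUBSCRIBE request whose CALLBACK delivery URL points outside the network segment of its own event-subscription URL. The following is an added example, not Synology's code and not from the UPnP specification, of the server-side check a hardened event subscription handler performs: it parses the CALLBACK header and accepts the subscription only when every delivery URL is a plain http URL with a literal IP address inside the local segment. The event-subscription URL, the /24 segment, and the sample requests are constructed for the example.

```python
"""
Added example (not Synology's code): validate the CALLBACK header of a UPnP
SUBSCRIBE request so that every delivery URL lies on the same network segment
as the device's event-subscription URL, which is what the CallStranger fix
to the UPnP specification requires.
"""
import ipaddress
from urllib.parse import urlsplit

# Constructed sample values for this example: the device's own
# event-subscription URL and the local segment it is attached to.
EVENT_SUB_URL = "http://192.168.1.20:8200/upnp/event/MediaServer"
LOCAL_SEGMENT = ipaddress.ip_network("192.168.1.0/24")


def parse_callback_header(value):
    """Split a CALLBACK header such as '<http://a/x><http://b/y>' into URLs."""
    urls = []
    rest = value.strip()
    while rest:
        if not rest.startswith("<"):
            raise ValueError("malformed CALLBACK header")
        end = rest.find(">")
        if end == -1:
            raise ValueError("malformed CALLBACK header")
        urls.append(rest[1:end])
        rest = rest[end + 1:].strip()
    return urls


def callback_is_local(url, segment):
    """True only for an http URL whose host is a literal IP inside segment."""
    parts = urlsplit(url)
    if parts.scheme != "http" or parts.hostname is None:
        return False
    try:
        host = ipaddress.ip_address(parts.hostname)
    except ValueError:
        # A DNS name would need resolution and could point anywhere; reject it.
        return False
    return host in segment


def accept_subscribe(headers, segment=LOCAL_SEGMENT):
    """Return (accepted, reason) for the headers of a SUBSCRIBE request."""
    callback = headers.get("CALLBACK")
    if callback is None:
        return False, "missing CALLBACK"
    try:
        urls = parse_callback_header(callback)
    except ValueError as exc:
        return False, str(exc)
    if not urls:
        return False, "empty CALLBACK"
    for url in urls:
        if not callback_is_local(url, segment):
            # This is the case an unpatched device would accept (CallStranger).
            return False, f"delivery URL off-segment: {url}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed requests: one on-segment, one off-segment.
    for hdrs in ({"CALLBACK": "<http://192.168.1.50:9000/notify>"},
                 {"CALLBACK": "<http://203.0.113.7/notify>"}):
        print(hdrs["CALLBACK"], "->", accept_subscribe(hdrs))
```

The check rejects hostnames outright rather than resolving them, because a name can resolve to an address outside the segment after the check has passed; a device that must support names should resolve once, pin the result, and apply the same segment test to it.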

Reference

Revision

Revision  Date        Description
1         2020-06-16  Initial public release.
2         2020-06-18  Update for SRM 1.2 is now available in Affected Products.