Synology-SA-18:46 Internet Key Exchange v1

Publish Time: 2018-08-15 18:04:54 UTC+8

Last Updated: 2021-04-22 09:15:36 UTC+8

Severity
Important
Status
Will not fix

Abstract

A vulnerability allows remote attackers to obtain sensitive information via a susceptible version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), VPN Server or VPN Plus Server.

Affected Products

Product Severity Fixed Release Availability
DSM 6.2 Important Will not fix
DSM 6.1 Important Will not fix
DSM 5.2 Important Will not fix
SkyNAS Important Will not fix
SRM 1.1 Important Will not fix
VPN Server Important Will not fix
VPN Plus Server Important Will not fix

Mitigation

If you need immediate assistance, please contact Synology technical support via https://account.synology.com/en-global/support.

Detail

  • CVE-2018-5389
    • Severity: Important
    • CVSS3 Base Score: 7.4
    • CVSS3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
    • The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.

Reference

Revision

Revision Date Description
1 2018-08-15 Initial public release.
2 2020-02-21 Disclosed vulnerability details.
3 2020-10-28 Updated Affected Products for DSM 6.2, DSM 6.1, DSM 5.2, SkyNAS, SRM 1.1, VPN Server and VPN Plus Server which will not be fixed.