CVE-2022-49040

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Sep 26, 2024

CWE ID 120

Summary

CVE-2022-49040 is a buffer overflow vulnerability found in the connection management functionality of Synology Drive Client versions prior to 3.4.0-15721, which allows local users with administrator privileges to crash the client through unspecified methods. The vulnerability poses a medium severity risk, with a high potential impact on availability without affecting confidentiality or integrity. To remediate this issue, users are advised to update to the latest version of Synology Drive Client. The exploit requires high privileges and can be executed locally, indicating that it primarily affects environments where multiple administrators may access the system. For further details and updates, users can refer to Synology's official security advisory.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database