CVE-2023-52947

CVSS 3.1 Score 4.0 of 10 (medium)

Details

Published Sep 26, 2024
CWE ID 306

Summary

CVE-2023-52947 is a vulnerability affecting Synology Active Backup for Business Agent versions prior to 2.6.3-3101, which allows local users to log out of the client without proper authentication. This flaw does not impact the backup functionality, which will continue to operate as expected even after a logout occurs. The vulnerability is classified as having a medium severity level with a base score of 4.0 and can be exploited locally without requiring user interaction or privileges. To remediate this issue, it is recommended that users update their Active Backup for Business Agent to version 2.6.3-3101 or later. Organizations should be aware that this vulnerability could enable unauthorized users to disrupt client sessions, potentially affecting operational workflows.
