Vulnerability Management, Network Security

Patches issued for critical Synology DiskStation, BeeStation bug

Share
Adobe Stock

Synology, a Taiwanese networking and storage solutions provider, has promptly released fixes for a critical flaw affecting its widely used DiskStation and BeeStation network-attached storage devices, tracked as CVE-2024-10443, which could be exploited for remote code execution, reports Security Affairs.

Also known as RISK:STATION, the zero-click vulnerability could be leveraged to compromise millions of devices, according to Midnight Blue researchers, who discovered and reported the issue at Pwn2Own Ireland. Additional details regarding the bug have not been disclosed to curb potential exploitation while organizations with affected BeePhotos for BeeStation OS and Synology Photos instances have been urged to immediately apply the patch. "Official guidance from Synology can be found on their advisories page. However, since the vulnerability has a high potential for criminal abuse, and millions of devices are affected, a media reach-out was made to inform system owners of the issue and to stress the point that immediate mitigative actions are required," said Midnight Blue researchers.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.