Synology Product Security Update Advisory (CVE-2024-39349)

Jul 10 2024

Overview

Synology has released a security update to fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.

Affected Products

Synology Camera BC500 version: ~ 1.0.7-0298 (excluded)
Synology Camera TC500 version: ~ 1.0.7-0298 (excluded)

Resolved Vulnerabilities

Buffer copying without checking input size, which allows remote attackers to execute arbitrary code via unspecified vectors (CVE-2024-29349)

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

Synology Camera BC500 version: 1.0.7-0298 or later
Synology Camera TC500 version: 1.0.7-0298 or later

Referenced Sites

[1] CVE-2024-39349 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-39349

[2] Synology-SA-23:15 Synology Camera (PWN2OWN 2023)

https://www.synology.com/en-global/security/advisory/Synology_SA_23_15

Synology Product Security Update Advisory (CVE-2024-39349)

Apache HTTP Server Security Update Advisory (CVE-2024-39884)

WhatsUp Gold product security update advisory

Tags:

Apache HTTP Server Security Update Advisory (CVE-2024-39884)

WhatsUp Gold product security update advisory