Buffer Copy Vulnerability Affects Synology Drive Client
CVE-2022-49041

4.4MEDIUM

Key Information:

Vendor: Synology
Status: Synology Drive Client
Vendor: CVE Published:; 26 September 2024

What is CVE-2022-49041?

A buffer overflow vulnerability exists in the backup task management feature of Synology Drive Client, affecting versions prior to 3.4.0-15721. This issue allows local users with administrative privileges to exploit the system, potentially leading to crashes of the client application through unspecified methods. Users should ensure their systems are updated to mitigate risks associated with this vulnerability.

Affected Version(s)

Synology Drive Client *

References

https://www.synology.com/en-global/security/advisory/Syno...

vendor-advisory

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 26, 2024
Vulnerability Reserved
Sep 24, 2024

Credit

Zhao Runzi (赵润梓)