Origin Validation Error in Synology BeeDrive for Desktop
CVE-2025-8074

5.6MEDIUM

Key Information:

Vendor: Synology
Status: Beedrive For Desktop
Vendor: CVE Published:; 4 December 2025

What is CVE-2025-8074?

A vulnerability in Synology's BeeDrive for desktop prior to version 1.4.3-13973 permits local users to exploit origin validation errors, allowing them to write arbitrary files that may contain non-sensitive information. This flaw exposes the system to potential misuse if not addressed, emphasizing the need for timely updates and security measures to safeguard user data.

Affected Version(s)

BeeDrive for desktop *

References

https://www.synology.com/en-global/security/advisory/Syno...

vendor-advisory

CVSS V3.1

Score:

5.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2025
Vulnerability Reserved
Jul 23, 2025

Credit

Sheikh Rishad

JSON