CVE-2023-52946 - Vulnerability Details - OpenCVE

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00261.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Synology	Drive Drive Client

Configuration 1 [-]

cpe:2.3:a:synology:drive_client:*:*:*:*:*:desktop:*:*

No data.

No data.

References

Link	Providers
https://www.synology.com/en-global/security/advisory/Synology_SA_24_10

History

Tue, 08 Oct 2024 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Synology drive Client
CPEs		cpe:2.3:a:synology:drive_client::::::desktop::*
Vendors & Products		Synology drive Client

Thu, 26 Sep 2024 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Synology Synology drive
CPEs		cpe:2.3:a:synology:drive::::::::
Vendors & Products		Synology Synology drive
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 26 Sep 2024 03:45:00 +0000

Type	Values Removed	Values Added
Description		Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.
Weaknesses		CWE-120
References		https://www.synology.com/en-global/security/advisory/Synology_SA_24_10
Metrics		cvssV3_1 `{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H'}`

MITRE

Status: PUBLISHED

Assigner: synology

Published: 2024-09-26T03:31:38.479Z

Updated: 2024-09-26T14:53:50.864Z

Reserved: 2024-09-24T08:35:52.121Z

Link: CVE-2023-52946

Vulnrichment

Updated: 2024-09-26T14:53:45.955Z

NVD

Status : Analyzed

Published: 2024-09-26T04:15:05.863

Modified: 2024-10-08T15:55:07.543

Link: CVE-2023-52946

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52946", "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "state": "PUBLISHED", "assignerShortName": "synology", "dateReserved": "2024-09-24T08:35:52.121Z", "datePublished": "2024-09-26T03:31:38.479Z", "dateUpdated": "2024-09-26T14:53:50.864Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "cweId": "CWE-120", "type": "CWE"}]}], "affected": [{"vendor": "Synology", "product": "Synology Drive Client", "versions": [{"version": "*", "status": "affected", "lessThan": "3.5.0-16084", "versionType": "semver"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors."}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH"}}], "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_10", "name": "Synology-SA-24:10 Synology Drive Client", "tags": ["vendor-advisory"]}], "credits": [{"lang": "en", "value": "Zhao Runzi (\u8d75\u6da6\u6893)", "type": "finder"}], "providerMetadata": {"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "shortName": "synology", "dateUpdated": "2024-09-26T03:31:38.479Z"}}, "adp": [{"affected": [{"vendor": "synology", "product": "drive", "cpes": ["cpe:2.3:a:synology:drive:*:*:*:*:*:*:*:*"], "defaultStatus": "affected", "versions": [{"version": "0", "status": "affected", "lessThan": "3.5.0-16084", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-26T14:53:14.352602Z", "id": "CVE-2023-52946", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T14:53:50.864Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52946", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-26T14:53:14.352602Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:synology:drive:*:*:*:*:*:*:*:*"], "vendor": "synology", "product": "drive", "versions": [{"status": "affected", "version": "0", "lessThan": "3.5.0-16084", "versionType": "semver"}], "defaultStatus": "affected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T14:53:45.955Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Zhao Runzi (\u8d75\u6da6\u6893)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Synology", "product": "Synology Drive Client", "versions": [{"status": "affected", "version": "*", "lessThan": "3.5.0-16084", "versionType": "semver"}], "defaultStatus": "affected"}], "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_10", "name": "Synology-SA-24:10 Synology Drive Client", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "shortName": "synology", "dateUpdated": "2024-09-26T03:31:38.479Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52946", "state": "PUBLISHED", "dateUpdated": "2024-09-26T14:53:50.864Z", "dateReserved": "2024-09-24T08:35:52.121Z", "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "datePublished": "2024-09-26T03:31:38.479Z", "assignerShortName": "synology"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:synology:drive_client:*:*:*:*:*:desktop:*:*", "matchCriteriaId": "FA63ED01-FFC4-4304-B511-8FF3260AEF74", "versionEndExcluding": "3.5.0-16084", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors."}, {"lang": "es", "value": "La vulnerabilidad de copia de b\u00fafer sin verificar el tama\u00f1o de la entrada ('Desbordamiento de b\u00fafer cl\u00e1sico') en el componente de servicio vss en Synology Drive Client anterior a 3.5.0-16084 permite a atacantes remotos sobrescribir b\u00faferes triviales y bloquear el cliente a trav\u00e9s de vectores no especificados."}], "id": "CVE-2023-52946", "lastModified": "2024-10-08T15:55:07.543", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "security@synology.com", "type": "Secondary"}]}, "published": "2024-09-26T04:15:05.863", "references": [{"source": "security@synology.com", "tags": ["Vendor Advisory"], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_10"}], "sourceIdentifier": "security@synology.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "security@synology.com", "type": "Secondary"}]}