Description
An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content during installation.
Published: 2026-05-27
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in origin validation allows a local user to write arbitrary files during the installation of Synology Active Backup for Business Agent, potentially enabling tampering with the agent’s installed contents. This file‑write ability can be used to embed malicious code or disrupt service functionality. The weakness is identified as CWE‑346, indicating a failure to properly verify the source of installed files.

Affected Systems

Synology’s Active Backup for Business Agent is affected, specifically versions prior to 3.1.0-4967. Users running these versions run the risk of local file write during installation.

Risk and Exploitability

The CVSS score of 6.1 indicates a moderate severity. EPSS is not available, and the vulnerability is not listed in CISA KEV, suggesting limited known exploitation. The likely attack vector is local abuse by an authenticated user or any user with installation privileges, as the flaw only requires local access to perform the write operation.

Generated by OpenCVE AI on May 27, 2026 at 10:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Active Backup for Business Agent to version 3.1.0-4967 or later to patch the origin validation flaw
  • If an upgrade is delayed, restrict the installation rights to trusted administrators by disabling local installation capabilities for non‑privileged users
  • Implement inventory checks to verify installation files originate from approved sources, ensuring origin verification before writing to the file system

Generated by OpenCVE AI on May 27, 2026 at 10:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 27 May 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 27 May 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Synology
Synology active Backup For Business Agent
Vendors & Products Synology
Synology active Backup For Business Agent

Wed, 27 May 2026 10:45:00 +0000

Type Values Removed Values Added
Title Local User File Write Vulnerability in Synology Active Backup for Business Agent

Wed, 27 May 2026 09:00:00 +0000

Type Values Removed Values Added
Description An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content during installation.
Weaknesses CWE-346
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H'}

Subscriptions

Synology Active Backup For Business Agent
cve-icon MITRE

Status: PUBLISHED

Assigner: synology

Published:

Updated: 2026-05-27T08:43:05.069Z

Reserved: 2025-12-05T03:19:16.760Z

Link: CVE-2025-66592

cve-icon Vulnrichment

Updated: 2026-05-27T12:39:58.229Z

cve-icon NVD

Status : Received

Published: 2026-05-27T09:16:27.633

Modified: 2026-05-27T09:16:27.633

Link: CVE-2025-66592

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-27T11:45:15Z

Weaknesses