Description:

Synology has published security advisories to address multiple vulnerabilities in various versions of DiskStation Manager (DSM). The list of security updates can be found at:
https://www.synology.com/en-us/security/advisory/Synology_SA_23_05
https://www.synology.com/en-us/security/advisory/Synology_SA_23_07

Affected Systems:

• Synology DiskStation Manager (DSM)

Impact:

Successful exploitation of the vulnerabilities could lead to information disclosure or tampering on an affected system.

Recommendation:

Patches for affected products are available. System administrators of affected products should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

• https://www.synology.com/en-us/security/advisory/Synology_SA_23_05
• https://www.synology.com/en-us/security/advisory/Synology_SA_23_07
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0142
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2729