Synology urges anyone with a camera of the brand or a BeeStation to install the latest patch immediately.
Anyone with a Synology camera or a BeeStation NAS, should update their device immediately. Specifically, for the cameras, this concerns the Synology Camera BC500, TC500 and CC400W. The manufacturer reports that:
“The vulnerabilities allow remote attackers to execute arbitrary code, remote attackers to bypass security restrictions and remote attackers to perform denial-of-service attacks.” Updating to firmware version 1.1.3-0442 or newer is the message.
For BeeStation appliances, an entry-level NAS model from the brand, owners should urgently update to version 1.1-65373. Synology: “A vulnerability allows remote attackers to execute arbitrary code through a sensitive version of Synology BeeStation Manager (BSM).”
Both leaks are labeled critical by Synology. Patching now is the message.
The BeeStation systems were first introduced to the market only earlier this year. We like to describe it as a simple NAS tailored for those who don’t know what a NAS is. The device promises to bring centralized self-storage to a large audience. You can read the review of the Synology Camera TC500 here.