CVE-2023-52949
Description
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A local attacker can exploit a missing authentication vulnerability in Synology Active Backup for Business Agent’s proxy settings to obtain user credentials.
Vulnerability
A missing authentication for critical function vulnerability exists in the proxy settings functionality of Synology Active Backup for Business Agent before version 2.7.0-3221 [1]. The flaw allows a local user to access or modify proxy configuration without proper credential verification, enabling credential theft via unspecified vectors [1].
Exploitation
An attacker needs local access to the system running a vulnerable version (prior to 2.7.0-3221) [1]. The exploit does not require authentication or user interaction, and can be performed with low complexity [1]. The exact steps are not detailed but involve manipulating the proxy settings to capture or leak stored credentials [1].
Impact
Successful exploitation allows a local attacker to obtain user credentials, leading to a high confidentiality impact with no effect on integrity or availability [1]. The attacker gains the privilege level of the compromised user, potentially escalating access within the system or network [1].
Mitigation
Synology has fixed the issue in Active Backup for Business Agent version 2.7.0-3221 and above [1]. Users should upgrade to the fixed release. No workarounds are provided by the vendor [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE) range: <2.7.0-3221
- (no CPE) range: *
Patches
No patches discovered yet.
References
[1] www.synology.com/en-global/security/advisory/Synology_SA_24_11 (mitre, vendor-advisory)