CVE-2017-9552

moderate-risk

Published 2017-06-13

A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local users are able to obtain credentials by sniffing "/proc/*/cmdline".

Do I need to act?

0.04% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (20)

Photo Station

Affected Vendors

Synology

References (4)

Issue Tracking http://blog.crozat.net/2017/06/synology-photostation-password-vulnerabilty.html

Third Party Advisory https://www.synology.com/en-global/support/security/Photo_Station_CVE_2017_9552

Issue Tracking http://blog.crozat.net/2017/06/synology-photostation-password-vulnerabilty.html

Third Party Advisory https://www.synology.com/en-global/support/security/Photo_Station_CVE_2017_9552

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 0/34 · Minimal

Exposure 21/34 · High