[{"vendor":"synology","product":"bc500","defaultStatus":"unknown","cpes":["cpe:2.3:h:synology:bc500:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"1.1.1-0383","versionType":"custom","status":"affected"}]},{"vendor":"synology","product":"tc500","defaultStatus":"unknown","cpes":["cpe:2.3:h:synology:tc500:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"1.1.1-0383","versionType":"custom","status":"affected"}]}]

{"timestamp":"2024-06-04T14:54:00.373337Z","id":"CVE-2024-5463","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"Synology","product":"Camera Firmware","defaultStatus":"affected","versions":[{"version":"1.1","lessThan":"1.1.1-0383","versionType":"semver","status":"affected"},{"version":"1.0","lessThan":"1.1.1-0383","versionType":"semver","status":"affected"}]}]

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to conduct denial-of-service attacks via unspecified vectors. This attack only affects the login service which will automatically restart. The following models with Synology Camera Firmware versions before 1.1.1-0383 may be affected: BC500 and TC500.

A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors. This attack only affects the login service which will automatically restart. The following models with Synology Camera Firmware versions before 1.1.1-0383 may be affected: BC500 and TC500.

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-120

AND
     OR
          *cpe:2.3:o:synology:bc500_firmware:*:*:*:*:*:*:*:* versions from (excluding) 1.1.1-0383
     OR
          cpe:2.3:h:synology:bc500:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:synology:tc500_firmware:*:*:*:*:*:*:*:* versions from (excluding) 1.1.1-0383
     OR
          cpe:2.3:h:synology:tc500:-:*:*:*:*:*:*:*

CVE: https://www.synology.com/en-global/security/advisory/Synology_SA_24_07 Types: Vendor Advisory

Synology Inc.: https://www.synology.com/en-global/security/advisory/Synology_SA_24_07 Types: Vendor Advisory

https://www.synology.com/en-global/security/advisory/Synology_SA_24_07

A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to conduct denial-of-service attacks via unspecified vectors. This attack only affects the login service which will automatically restart. The following models with Synology Camera Firmware versions before 1.1.1-0383 may be affected: BC500 and TC500.

Synology Inc. AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Synology Inc. CWE-120

Synology Inc. https://www.synology.com/en-global/security/advisory/Synology_SA_24_07 [No types assigned]