EUVD-2025-17343

| CVE-2025-22486 HIGH
2025-06-06 [email protected]
8.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 14, 2026 - 18:10 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 18:10 euvd
EUVD-2025-17343
CVE Published
Jun 06, 2025 - 16:15 nvd
HIGH 8.8

Tags

Information Disclosure File Station

Description

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4791 and later and later

Analysis

CVE-2025-22486 is an improper certificate validation vulnerability in Synology File Station 5 that allows authenticated remote attackers to compromise system confidentiality, integrity, and availability. The vulnerability affects File Station 5 versions prior to 5.5.6.4791, and while it requires valid user credentials (PR:L in CVSS), the lack of user interaction requirement (UI:N) and network accessibility (AV:N) make it a high-severity threat in multi-user environments. No confirmed KEV or active exploitation data is available at this time, but the high CVSS score of 8.8 and the nature of certificate validation bypass attacks warrant immediate patching.

Technical Context

This vulnerability stems from CWE-295 (Improper Certificate Validation), a fundamental cryptographic control failure where the application fails to properly validate X.509 certificates during TLS/SSL connections. In the context of File Station 5, this likely affects SMB/CIFS protocol handling or inter-service communication where certificate pinning or hostname validation is inadequately enforced. The affected product is Synology File Station (CPE pattern: cpe:2.3:a:synology:file_station:*), a NAS management application. The root cause is insufficient verification of certificate chain integrity, issuer authenticity, or domain name matching, allowing man-in-the-middle (MITM) attacks or connection spoofing to trusted backend services. This is a protocol-level vulnerability affecting the TLS handshake validation logic.

Affected Products

Synology File Station 5 (< 5.5.6.4791)

Remediation

- action: Immediate Patching; details: Upgrade File Station 5 to version 5.5.6.4791 or later. This patch addresses the improper certificate validation flaw.; priority: CRITICAL - action: Access Control Review; details: Audit user accounts with File Station access to ensure only necessary users have credentials. Disable unused accounts to reduce attack surface, as the vulnerability requires PR:L (authenticated access). - action: Network Segmentation; details: Restrict File Station access to trusted networks or implement VPN-based access. Reduce internal network exposure where MITM attacks exploiting certificate validation bypass could succeed. - action: Monitor for Suspicious Activity; details: Enable File Station and DSM audit logging to detect anomalous data access or system configuration changes that might indicate post-authentication compromise. - action: Vendor Advisory; details: Check Synology Security Advisory for official patch details and deployment guidance. Synology typically provides patches through DSM Package Manager or manual package downloads.

Priority Score

44
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +44
POC: 0

Share

EUVD-2025-17343 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy