CVE-2025-12686

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Synology BeeStation (affected versions not specified)

Description A critical zero-day remote code execution issue exists in Synology BeeStation. The vulnerability was discovered at Pwn2Own and allows for remote code execution. No details are provided regarding the number of potentially affected devices or any real-world incidents beyond its demonstration at Pwn2Own. No specific API endpoints, vulnerable parameters, or function names are mentioned in the provided information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-12686

Affected Products

Synology Beestation

CVE-2025-12686

Related Identifiers

Affected Products

References · 8