CVE-2022-49040

Name of the Vulnerable Software and Affected Versions Synology Drive Client versions prior to 3.4.0-15721

Description A buffer copy without checking the size of the input, also known as a 'Classic Buffer Overflow', exists in the connection management functionality. This issue allows local users with administrator privileges to crash the client via unspecified vectors.

Recommendations For versions prior to 3.4.0-15721, update to version 3.4.0-15721 or later to resolve the issue. As a temporary workaround, consider restricting access to the connection management functionality to minimize the risk of exploitation.