Vulnerability Details CVE-2023-52946
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.3%
CVSS Severity
CVSS v3 Score 8.2
Products affected by CVE-2023-52946
-
cpe:2.3:a:synology:drive_client:-
-
cpe:2.3:a:synology:drive_client:1.0.0-10240
-
cpe:2.3:a:synology:drive_client:1.0.1-10253
-
cpe:2.3:a:synology:drive_client:1.0.2-10275
-
cpe:2.3:a:synology:drive_client:1.0.3-10281
-
cpe:2.3:a:synology:drive_client:1.1.0-10544
-
cpe:2.3:a:synology:drive_client:1.1.1-10551
-
cpe:2.3:a:synology:drive_client:1.1.2-10562
-
cpe:2.3:a:synology:drive_client:1.1.3-10570
-
cpe:2.3:a:synology:drive_client:1.1.4-10580
-
cpe:2.3:a:synology:drive_client:2.0.0-11050
-
cpe:2.3:a:synology:drive_client:2.0.1-11061
-
cpe:2.3:a:synology:drive_client:2.0.2-11076
-
cpe:2.3:a:synology:drive_client:2.0.2-11078
-
cpe:2.3:a:synology:drive_client:2.0.3-11102
-
cpe:2.3:a:synology:drive_client:2.0.4-11112
-
cpe:2.3:a:synology:drive_client:3.0.0-12663
-
cpe:2.3:a:synology:drive_client:3.0.1-12664
-
cpe:2.3:a:synology:drive_client:3.0.1-12667
-
cpe:2.3:a:synology:drive_client:3.0.1-12674
-
cpe:2.3:a:synology:drive_client:3.0.2-12682
-
cpe:2.3:a:synology:drive_client:3.0.3-12689
-
cpe:2.3:a:synology:drive_client:3.1.0-12920
-
cpe:2.3:a:synology:drive_client:3.1.0-12923
-
cpe:2.3:a:synology:drive_client:3.2.0-13232
-
cpe:2.3:a:synology:drive_client:3.2.0-13238
-
cpe:2.3:a:synology:drive_client:3.2.0-13258
-
cpe:2.3:a:synology:drive_client:3.2.1-13271
-
cpe:2.3:a:synology:drive_client:3.2.1-13272
-
cpe:2.3:a:synology:drive_client:3.3.0-15082
-
cpe:2.3:a:synology:drive_client:3.4.0-15721
-
cpe:2.3:a:synology:drive_client:3.4.0-15724