CVE-2024-39352

4.9 MEDIUM

📋 TL;DR

This vulnerability allows remote authenticated administrators to bypass firmware integrity checks on Synology BC500 and TC500 cameras. Attackers could potentially install malicious firmware, compromising device security and functionality. Only administrators with valid credentials can exploit this flaw.

💻 Affected Systems

Products:
  • Synology BC500
  • Synology TC500
Versions: Synology Camera Firmware versions before 1.0.7-0298
Operating Systems: Embedded camera firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects cameras with administrator accounts; requires authenticated admin access to exploit

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers install persistent malicious firmware that provides backdoor access, disables security features, or bricks the camera devices entirely.

🟠 Likely Case

Malicious administrators or compromised admin accounts install unauthorized firmware modifications to bypass security controls or gain additional privileges.

🟢 If Mitigated

With proper access controls and monitoring, exploitation would be limited to authorized administrators performing legitimate firmware updates.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires administrator credentials; the advisory does not specify the attack vector, so more than one exploitation path may exist.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.7-0298 or later

Vendor Advisory: https://www.synology.com/en-global/security/advisory/Synology_SA_23_15

Restart Required: Yes

Instructions:

1. Log into Synology Surveillance Station.
2. Navigate to Surveillance Station > Camera > Camera List.
3. Select affected BC500/TC500 cameras.
4. Click 'Update Firmware'.
5. Apply version 1.0.7-0298 or later.
6. Restart cameras after update.

🔧 Temporary Workarounds

Restrict Administrator Access (applies to: all)

Limit administrator accounts to only essential personnel and implement strong authentication controls.

Network Segmentation (applies to: all)

Isolate camera network segments from critical infrastructure and implement firewall rules restricting firmware update traffic.

🧯 If You Can't Patch

  • Implement strict access controls and monitoring for administrator accounts
  • Disable remote firmware updates and require physical access for firmware changes

🔍 How to Verify

Check if Vulnerable:

Check camera firmware version in Surveillance Station > Camera > Camera List > select camera > Firmware Version

Check Version:

Not applicable - check via Surveillance Station web interface

Verify Fix Applied:

Confirm firmware version shows 1.0.7-0298 or higher after update
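The version check above is done by eye in the Surveillance Station web interface. For a fleet of cameras it is easier to compare the firmware strings programmatically. The following is an added example, not code from Synology or from this advisory; it assumes you have exported an inventory of (camera name, model, firmware version) by hand, and the sample inventory embedded below is constructed for illustration. Only the fixed version 1.0.7-0298 and the affected models BC500/TC500 come from the advisory.

```python
import re

# Fixed firmware version from the Synology advisory for CVE-2024-39352.
FIXED_VERSION = "1.0.7-0298"

# Camera models named in the advisory as affected.
AFFECTED_MODELS = {"BC500", "TC500"}

# Synology camera firmware strings look like "1.0.7-0298": major.minor.patch-build.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)$")


def parse_version(version):
    """Parse a firmware string into a tuple of integers so it compares numerically.

    Comparing the raw strings would be wrong once the build number grows past
    four digits ("0298" < "1000" as strings but not as numbers), so every part
    is converted to an int.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version format: {version!r}")
    return tuple(int(part) for part in m.groups())


def is_vulnerable(version, fixed=FIXED_VERSION):
    """True if the firmware version is strictly older than the fixed version."""
    return parse_version(version) < parse_version(fixed)


def triage(inventory):
    """Return the names of affected-model cameras that still need the update.

    inventory: iterable of (name, model, firmware_version) tuples.
    Cameras of other models are skipped: the advisory does not cover them.
    """
    needs_update = []
    for name, model, firmware in inventory:
        if model not in AFFECTED_MODELS:
            continue
        if is_vulnerable(firmware):
            needs_update.append(name)
    return needs_update


# Constructed sample inventory (hypothetical camera names and versions).
SAMPLE_INVENTORY = [
    ("lobby-cam", "BC500", "1.0.6-0251"),   # older release: vulnerable
    ("dock-cam", "TC500", "1.0.7-0298"),    # exactly the fixed version: patched
    ("yard-cam", "BC500", "1.0.7-0301"),    # newer build: patched
    ("nvr-test", "TC500", "1.0.7-0199"),    # same patch level, older build: vulnerable
    ("gate-cam", "OtherCam", "1.0.1-0001"), # not an affected model: ignored
]

if __name__ == "__main__":
    for name in triage(SAMPLE_INVENTORY):
        print(f"{name}: firmware below {FIXED_VERSION}, update required")
```

Note that the comparison is strict: a camera already on 1.0.7-0298 is treated as fixed, matching the "1.0.7-0298 or higher" wording of the advisory. Any firmware string that does not follow the major.minor.patch-build pattern raises an error rather than being silently treated as safe.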

📡 Detection & Monitoring

Log Indicators:

  • Unusual firmware update activity
  • Multiple failed firmware update attempts
  • Firmware updates from unexpected sources

Network Indicators:

  • Unusual firmware download traffic patterns
  • Firmware update requests from unauthorized IP addresses

SIEM Query:

source="surveillance-station" AND (event="firmware_update" OR event="firmware_install")

🔗 References
