Monday, December 15, 2025
CybersecurityNetworks

Synology Urges Immediate Patch for a Critical Zero-Day Discovered at Pwn2Own

Justin Erickson

by Justin Erickson

Synology has released a patch for a critical zero-day vulnerability affecting its NAS devices, disclosed during the Pwn2Own Ireland 2024 competition. This vulnerability allows attackers to execute code remotely without user interaction, posing significant risks to data security. Synology strongly advises users to update their NAS systems immediately to protect against potential exploitation. The vulnerability underscores the importance of timely updates for network storage devices.
This flaw has been listed as CVE-2024-10443.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)

Bleeping Computer
The Hacker News
TechRadar
WIRED
CVE-2024-10443