CVE-2025-12686

Summary

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
SynologyBeeStation OS1.3 < 1.3.2-65648affected
SynologyBeeStation OS1.2 < 1.3.2-65648affected
SynologyBeeStation OS1.1 < 1.3.2-65648affected
SynologyBeeStation OS1.0 < 1.3.2-65648affected
SynologyBeeStation OS0 < 1.0unknown

Weaknesses

  • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References