CVE-2024-11131
Published: 19 March 2025
Summary
CVE-2024-11131 is a critical-severity Out-of-bounds Read (CWE-125) vulnerability in Synology BC500 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 7.2% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Mandates timely remediation of identified flaws, directly addressing this out-of-bounds read vulnerability through firmware updates to version 1.2.0-0525 or later.
- Implements memory safeguards such as address space layout randomization and non-executable memory to prevent arbitrary code execution from out-of-bounds reads in the video interface.
- Requires validation of inputs to the video interface to restrict and sanitize data that could trigger the out-of-bounds read vulnerability.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The out-of-bounds read in the public-facing video interface enables remote, unauthenticated RCE on camera firmware, which maps directly to exploitation of public-facing applications.
NVD Description
A vulnerability regarding out-of-bounds read is found in the video interface. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.2.0-0525 may be affected: BC500, CC400W and TC500.
Deeper analysis
CVE-2024-11131 is an out-of-bounds read vulnerability (CWE-125) in the video interface of Synology Camera Firmware. It affects the BC500, CC400W, and TC500 models running versions prior to 1.2.0-0525. Published on 2025-03-19, the flaw has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and enables remote attackers to execute arbitrary code via unspecified vectors.
Remote, unauthenticated attackers can exploit this vulnerability over the network with low attack complexity and without user interaction. Successful exploitation has a high impact on confidentiality, integrity, and availability, allowing arbitrary code execution on affected devices.
Synology Security Advisory SA_24_24 details mitigation, with the vulnerability fixed in firmware version 1.2.0-0525. Affected users should update to this version or later; see https://www.synology.com/en-global/security/advisory/Synology_SA_24_24 for full guidance.
Details
- CWE(s)