Primary

Context

Synology Active Backup for Business Recovery Media Creator OpenSSL Configuration Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Patched

A vulnerability has been identified in Synology Active Backup for Business Recovery Media Creator versions prior to 2.5.0-2081. This vulnerability arises from an inclusion of functionality from an untrusted control sphere in the OpenSSL configuration, allowing local users to execute arbitrary code through unspecified vectors.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected system.

Remediation

Users can update to Synology Active Backup for Business Recovery Media Creator version 2.5.0-2081 or later to address this vulnerability.

Added: Jun 3, 2026, 2:25 PM

Updated: Jun 3, 2026, 2:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

9.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

9.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Synology Active Backup for Business Recovery Media Creator OpenSSL Configuration Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

Synology Active Backup for Business Recovery Media Creator

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating