Cybersecurity News, archived Apr 14, 2026
Synology SSL VPN Client Vulnerabilities Let Remote Attackers Access Sensitive Files
Synology reveals two severe SSL VPN Client flaws that could let remote attackers steal sensitive files and intercept network traffic.
The vulnerabilities affect users running older versions of the software and require immediate patching to prevent potential network compromise.
Virtual Private Networks serve as critical gateways for secure communications, making vulnerabilities in VPN client software highly attractive to threat actors.
A successful exploit of these flaws could give attackers a quiet foothold into user sessions and corporate data.
Synology SSL VPN Client Vulnerabilities
The latest security update resolves two distinct vulnerabilities, both rated “Important” by Synology.
The specific vulnerabilities tracked in this advisory include:
CVE-2021-47960 (CVSS Score 6.5): This flaw involves files and directories being improperly accessible to external parties. It allows remote attackers to read sensitive files directly from the SSL VPN Client installation directory.
CVE-2021-47961 (CVSS Score 8.1): This more severe vulnerability is caused by the plaintext storage of passwords. It enables remote attackers to obtain or manipulate the user’s PIN code due to insecure storage mechanisms on the local machine.
While both vulnerabilities can lead to significant system compromises, they share a common attack vector that requires user interaction.
A threat actor cannot trigger these flaws completely unprompted. Instead, the victim must be tricked into visiting a specially crafted malicious web page while the vulnerable Synology VPN client is running.
For the file access flaw, the attacker leverages a local HTTP server bound to the loopback interface.
Once the user interacts with the malicious page, the attacker can silently retrieve sensitive information, such as configuration files, digital certificates, and system logs.
For the PIN code vulnerability, the attack exposes the poorly stored credentials to the threat actor.
This ultimately allows the attacker to authorize rogue VPN configurations and intercept subsequent VPN traffic without the victim’s knowledge.
Security researcher Laurent Sibilla was credited with discovering and reporting these issues to the vendor.
Patch Availability and Remediation
According to the official advisory, there are currently no temporary mitigations or workarounds available to defend against these exploits.
Applying the official security patch is the only effective way to close these security gaps. To protect against these threats, users and network administrators must take the following steps:
Upgrade the Synology SSL VPN Client to version 1.4.5-0684 or a newer release immediately.
Educate network users about the risks of clicking suspicious links or visiting untrusted websites while connected to enterprise VPNs.
Monitor VPN access logs for any unauthorized configuration changes, credential anomalies, or unusual traffic patterns.
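To support the upgrade step, the following added example (not from Synology or the original article) audits a software inventory export against the fixed release 1.4.5-0684. The CSV layout, host names and every version string other than 1.4.5-0684 are constructed, and the ordering rule (major.minor.patch first, then build number) is an assumption about the version format.

```python
import csv
import io
import re

# Fixed release named in the article; anything older is treated as affected.
FIXED = (1, 4, 5, 684)
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)$")

def parse_version(text):
    """Return (major, minor, patch, build), or None if the string is malformed."""
    m = VERSION_RE.match(text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def classify(version_text):
    """Classify one installed version as 'patched', 'vulnerable' or 'unknown'."""
    parsed = parse_version(version_text)
    if parsed is None:
        # Cannot prove the host is patched, so it goes to manual review.
        return "unknown"
    # Numeric tuple comparison; a plain string comparison would wrongly
    # rank "1.4.10-..." below "1.4.5-...".
    return "patched" if parsed >= FIXED else "vulnerable"

def audit(inventory_csv):
    """Map each host in a 'host,version' CSV export to its classification."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {row["host"]: classify(row["version"]) for row in reader}

# Constructed sample inventory (hypothetical hosts and export format).
SAMPLE = """host,version
laptop-01,1.4.5-0684
laptop-02,1.4.4-0680
laptop-03,1.4.10-0701
laptop-04,1.3.9-0999
laptop-05,unknown
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as "vulnerable" or "unknown" are the ones to prioritize for the upgrade.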