CVE-2025-30028
Synology · Active Backup for Business
A vulnerability in Synology Active Backup for Business allows unauthenticated remote attackers to read arbitrary files from the system.
Executive summary
An unauthenticated arbitrary file read vulnerability in Synology Active Backup for Business exposes sensitive system information to remote attackers.
Vulnerability
The vulnerability allows a remote attacker, without any authentication, to bypass the product's access controls and read arbitrary files on the host system, which can expose configuration files or stored credentials.
Business impact
An unauthorized party's ability to read arbitrary files presents a critical risk to data confidentiality, as it may expose sensitive system data or credentials. With a CVSS score of 8.6, this vulnerability is rated high-risk and could serve as a precursor to further exploitation or system-wide compromise.
Remediation
Immediate Action: Update the Synology Active Backup for Business software to the latest version as recommended by the vendor.
Proactive Monitoring: Monitor file access logs and network traffic to the backup management interface for unusual patterns originating from external or unauthorized internal sources.
Compensating Controls: Ensure the backup management interface is not exposed to the public internet and utilize VPN or restricted network access.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Immediate patching is required to prevent unauthorized access to sensitive files. Organizations should also verify that their backup infrastructure is segmented from the primary production network to minimize the blast radius of such vulnerabilities.