Security researchers discovered a critical zero-click vulnerability in Synology’s Photos app, impacting millions of users. The vulnerability allows attackers to compromise the system without any user interaction. The flaw resides in a part of the app that doesn’t require authentication, enabling direct exploitation over the internet. Attackers can gain root access and install malicious code, potentially enlisting the infected device in a botnet for further malicious activity. Synology has addressed the bug, but users need to manually update their devices. This incident highlights the importance of regularly updating software to mitigate security risks and the growing threat of zero-click vulnerabilities.
A critical vulnerability, tracked as CVE-2024-20017, has been discovered in MediaTek Wi-Fi chipsets. It is a zero-click flaw, so attackers can potentially compromise devices without any user interaction. It poses a significant risk to both routers and smartphones equipped with MediaTek Wi-Fi chipsets. Attackers can exploit the flaw to gain remote code execution, allowing them to control affected devices and potentially steal sensitive information. This incident underscores the need for regular security updates and the importance of using security solutions that can detect and mitigate zero-click vulnerabilities. The widespread use of MediaTek chipsets in consumer devices amplifies the potential impact of this vulnerability.