A vulnerability in Synology's DiskStation Manager (DSM), which could be used to decode an administrator's password and remotely take control of the account, has been exposed. Sharon Brizinov from Claroty stated on Tuesday, "Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account." The vulnerability, designated as CVE-2023-2729, has a medium severity rating of 5.9 on the CVSS scale.
Successful exploitation of such flaws could enable the threat actor to predict the generated password and gain access to otherwise restricted functionality. Brizinov explained, "By leaking the output of a few Math.Random() generated numbers, we were able to reconstruct the seed for the PRNG and use it to brute-force the admin password. Finally we were able to use the password to login to the admin account (after enabling it)." However, the attack depends on the attacker successfully extracting a few GUIDs that are also generated using the same method during the setup process to reconstruct the seed phrase for the PRNG.
Brizinov further stated, "In a real life scenario the attacker will first need to leak the aforementioned GUIDs, brute force the Math.Random state, and gain the admin password. Even after doing so, by default the builtin admin user account is disabled and most users won't enable it." He stressed the importance of not using Math.random() for anything related to security as it does not provide cryptographically secure random numbers. Instead, he recommended using the Web Crypto API, specifically the window.crypto.getRandomValues() method.