CVE-2025-4679

None

Description

A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecified vectors.

INFO

Published Date :

2025-05-16T08:36:37.066Z

Last Modified :

2025-07-02T11:50:13.308Z

Source :

synology

AFFECTED PRODUCTS

The following products are affected by CVE-2025-4679 vulnerability.

Vendors	Products
Synology	Active Backup For Microsoft 365

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4679.

URL	Resource
https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
https://modzero.com/static/MZ-25-02_modzero_Synology-Active-Backup-M365.pdf
https://www.synology.com/en-global/security/advisory/Synology_SA_25_06

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact