Origin Validation Error

CVE-2025-13593

Medium

6.1/10

Summary

Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-346 - Origin Validation Error

The software does not properly verify that the source of data or communication is valid.

References

Advisory Timeline

Published May 27, 2026

Origin Validation Error

CVE-2025-13593

Summary

CWE-346 - Origin Validation Error

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS