CVE-2022-49036
Published Jun 3, 2026
·Updated
An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors.
Affected Software
1 affected component
Synology Active Backup for Business Recovery Media Creator<2.5.0-2081
Event History
Jun 3, 2026
CVE Published
via MITRE·01:26 PM
Data Sourced
via MITRE·01:26 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·02:16 PM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2022-49036?
CVE-2022-49036 has a high severity rating of 7.8.
2
How does CVE-2022-49036 affect users?
CVE-2022-49036 allows local users to execute arbitrary code, posing significant security risks.
3
What systems are impacted by CVE-2022-49036?
CVE-2022-49036 affects Synology Active Backup for Business Recovery Media Creator versions prior to 2.5.0-2081.
4
How do I fix CVE-2022-49036?
To fix CVE-2022-49036, users should upgrade to Synology Active Backup for Business Recovery Media Creator version 2.5.0-2081 or later.
5
What type of vulnerability is CVE-2022-49036?
CVE-2022-49036 is classified as an inclusion of functionality from an untrusted control sphere vulnerability.