


Perceptive Security
SOC/SIEM Consultancy

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation Manager (BSM) before 1.3.2-65648 and …
Published:
26 May 2026 at 22:00:00
Alert date:
27 May 2026 at 15:06:57
Source:
nvd.nist.gov
Mobile & IoT, Network Infrastructure
A classic buffer overflow vulnerability (CVE-2025-12686) has been identified in the AdminCenter component of Synology BeeStation Manager (BSM) and BeeStation OS versions prior to 1.3.2-65648. Because the affected code copies input into a buffer without checking its size, remote attackers can execute arbitrary code through unspecified vectors. This affects both the management software and the operating system of Synology's BeeStation products. The vulnerability is classified as high severity due to the potential for remote code execution. Users should update to version 1.3.2-65648 or later to mitigate this security risk.
Technical details
Mitigation steps:
Affected products:
Synology BeeStation Manager
Synology BeeStation OS
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2025-12686
https://www.synology.com/en-global/security/advisory/Synology_SA_25_12
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
