WARNING: HIGH-SEVERITY VULNERABILITIES IN QNAP QTS, QUTS, AND QUTSCLOUD, PATCH IMMEDIATELY!

Reference: Advisory #2024-22
Version: 1.0
Affected software: QNAP QTS, QNAP QuTS, and QNAP QuTScloud
Type: OS Command Execution
CVE/CVSS:
CVE-2023-47567: CVSS 7.2 HIGH (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVE-2023-39297: CVSS 8.8 HIGH (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Sources

https://www.qnap.com/en/security-advisories

Risks

QNAP fixed 24 vulnerabilities on 03/02/2024, including 2 high-severity vulnerabilities that could allow OS command execution.

The Centre for Cyber Security Belgium recommends that system administrators patch vulnerable systems as soon as possible and analyze system and network logs for any suspicious activity. This report has instructions to help your organization.

In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident

Description

QNAP fixed 24 vulnerabilities on 03/02/2024, including 2 high-severity vulnerabilities that could allow OS command execution.

These vulnerabilities allowed threat actors to execute commands over the network in certain configurations of QNAP's QTS, QuTS hero, and QuTScloud operating systems.

QNAP has released software patches that address these vulnerabilities.

Recommended Actions

Patch

The Centre for Cyber Security Belgium strongly recommends installing updates for vulnerable software with the highest priority, after thorough testing.

The latest versions of the affected products can be found on the vendor's website: https://www.qnap.com/en/security-advisories

Monitor/Detect

The CCB recommends that organizations upscale their monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident
 
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
