Security News > 2020 > October > QNAP warns of new QTS bugs that allow take over of devices
QNAP today announced two vulnerabilities affecting QTS, the operating system powering its network-attached storage devices, that could allow running arbitrary commands.
The network-attached storage device vendor does not provide too many details about the two issues but says that recent QTS releases include the necessary patches.
According to QNAP's security advisory, users that have updated the QTS operating system to at least version QTS 4.4.3.1421 build 20200907 have nothing to worry about.
It is unclear how an attacker could exploit these vulnerabilities or what components of the OS are vulnerable but running arbitrary commands on a system is typically synonymous with full take over of the device.
Another warning came on October 21 when the NAS device vendor alerted customers that some versions of the QTS operating system are impacted by the critical Windows ZeroLogon vulnerability.