Security News > 2020 > October > QNAP warns of new QTS bugs that allow take over of devices

QNAP warns of new QTS bugs that allow take over of devices
2020-10-28 11:13

QNAP today announced two vulnerabilities affecting QTS, the operating system powering its network-attached storage devices, that could allow running arbitrary commands.

The network-attached storage device vendor does not provide too many details about the two issues but says that recent QTS releases include the necessary patches.

According to QNAP's security advisory, users that have updated the QTS operating system to at least version QTS 4.4.3.1421 build 20200907 have nothing to worry about.

It is unclear how an attacker could exploit these vulnerabilities or what components of the OS are vulnerable but running arbitrary commands on a system is typically synonymous with full take over of the device.

Another warning came on October 21 when the NAS device vendor alerted customers that some versions of the QTS operating system are impacted by the critical Windows ZeroLogon vulnerability.


News URL

https://www.bleepingcomputer.com/news/security/qnap-warns-of-new-qts-bugs-that-allow-take-over-of-devices/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Qnap 80 4 97 122 76 299