The Information Highway

The Information Highway

Font size: +
2 minutes reading time (446 words)

Critical vulnerabilities in QNAP devices

Threat update

Critical authentication bypass vulnerabilities have been identified in QNAP network attached storage (NAS) devices. These flaws pose significant risks, allowing unauthorized access to affected devices. Review the recommendations in this Cybersecurity Threat Advisory to ensure your systems are secure. 

Technical Detail and Additional Info

What is the threat?

The threats involve critical authentication bypass vulnerabilities affecting the following devices: QTS, QuTS hero, QuTScloud, and myQNAPcloud. These flaws could be exploited by malicious actors to gain unauthorized access to the targeted devices. The manufacturer has identified three vulnerabilities, each presenting risks of authentication bypass, command injection, and SQL injection. They are as follows:

  1. CVE-2024-21899: Flawed authentication mechanisms allow unauthorized users to compromise system security remotely via the network.
  2. CVE-2024-21900: Authenticated users could exploit this flaw to run commands on the system through the network, potentially gaining unauthorized access or control.
  3. CVE-2024-21901: Authenticated administrators could take advantage of this flaw to inject malicious SQL code through the network, risking database integrity and content manipulation.

Why is it noteworthy?

These threats are significant due to their potential to compromise the security of QNAP NAS devices widely used by individuals and organizations for storage and data management. These also raise concern for the overall security of data storage solutions. 

What is the exposure or risk?

Organizations relying on these devices for file storage, backups, and collaborative work are at risk of data breaches, unauthorized data manipulation, or service interruptions.

What are the recommendations?

 LBT Technology Group, LLC. recommends the following actions to limit the impact of these vulnerabilities:

  • Ensure prompt installation of the latest QNAP firmware to address and mitigate the identified vulnerabilities:
    • QTS 5.1.3.2578 build 20231110 and later
    • QTS 4.5.4.2627 build 20231225 and later
    • QuTS hero h5.1.3.2578 build 20231110 and later
    • QuTS hero h4.5.4.2626 build 20231225 and later
    • QuTScloud c5.1.5.2651 and later
    • myQNAPcloud 1.0.52 (2023/11/24) and later
  • Enforce robust password policies and consider implementing multi-factor authentication to enhance overall system security.
  • Isolate NAS devices from direct internet access to reduce exposure and potential attack vectors.
  • Keep a vigilant eye on device logs for any unusual activities and investigate and respond promptly to potential security incidents.
  • Regularly review and adjust user access permissions to minimize the risk of unauthorized entry.
  • Provide security awareness training to users, emphasizing the importance of adhering to secure practices and reporting suspicious activities.
  • Implement regular data backups to ensure quick recovery in case of a security incident or data loss.
  • Consider implementing additional network security measures, such as firewalls and intrusion detection systems.

References

New acoustic attack determines keystrokes from typ...
McDonald's: Global outage was caused by "configura...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Monday, 23 December 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023