QNAP Issues Urgent Warning to Customers Regarding Critical Linux Vulnerability

Home/Linux Malware, Security Advisory, Security Update, Targeted Attacks, Tips, vulnerability/QNAP Issues Urgent Warning to Customers Regarding Critical Linux Vulnerability

QNAP Issues Urgent Warning to Customers Regarding Critical Linux Vulnerability

QNAP, a manufacturer of network-attached storage (NAS) systems, issued a warning to its users regarding a critical vulnerability that can be exploited through the Sudo program for Linux

CVE-2023-22809

The vulnerability, named CVE-2023-22809, can potentially allow attackers to gain elevated privileges via Sudo versions 1.8.0 through 1.9.12p1, potentially resulting in unauthorized access to a user’s data. While there have been no reported cases of the vulnerability being exploited, QNAP has urged its customers to update their storage systems as soon as possible. All QNAP systems running QTS, QuTS hero, QuTScloud, QVP, and QVP Pro operating systems are at risk, and users are advised to check for updates regularly.

The vulnerability also affects the QTS, QuTS hero, QuTScloud, and QVP (QVR Pro appliances) NAS operating systems, as QNAP revealed in a security advisory published on Wednesday.

To update QTS, QuTS hero or QuTScloud customers must click on the “Check for Update” option under the “Live Update” area after logging in as admin users and go to Control Panel > System > Firmware Update.

Alternatively, they can update manually after downloading it from QNAP’s Download Center by selecting their product type and device model.

Updated Version

The company has already released updates for QTS version 5.0.1.2346 (build 20230322 and newer) and QuTS hero version h5.0.1.2348 (build 20230324 and newer), which can be installed via the Firmware Update heading in the Control Panel under System. 

Follow Us on: Twitter, InstagramFacebook to get the latest security news!

By | 2023-04-02T23:37:53+05:30 April 2nd, 2023|Linux Malware, Security Advisory, Security Update, Targeted Attacks, Tips, vulnerability|

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!