=====================================================================

                                CERT-Renater

                      Note d'Information No. 2023/VULN385

_____________________________________________________________________

DATE                : 10/10/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running QTS versions prior to
                     5.0.1.2425 build 20230609, 5.1.0.2444 build 20230629
                     or 4.5.4.2467 build 20230718; QuTS hero versions
                     prior to h5.0.1.2515 build 20230907, h5.1.0.2424
                     build 20230609 or h4.5.4.2476 build 20230728;
                     QuTScloud versions prior to c5.1.0.2498.

=====================================================================
https://www.qnap.com/en/security-advisory/qsa-23-37
_____________________________________________________________________


Security ID : QSA-23-37
Vulnerability in QTS, QuTS hero, and QuTScloud

     Release date : October 7, 2023

     CVE identifier : CVE-2023-32971, CVE-2023-32972

     Affected products: QTS 5.1.x, 5.0.x, 4.5.x; QuTS hero h5.1.x,
h5.0.x, h4.5.x; QuTScloud c5.x


Severity
Medium

Status
Resolved


Summary

A buffer copy without checking size of input vulnerability (CWE-120,
a classic buffer overflow) has been reported to affect several QNAP
operating systems. If exploited, it could allow an authenticated
administrator to execute code over the network.

We have already fixed the vulnerability in the following operating
system versions:


Affected Product        Fixed Version

QTS 5.0.x               QTS 5.0.1.2425 build 20230609 and later
QTS 5.1.x               QTS 5.1.0.2444 build 20230629 and later
QTS 4.5.x               QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.0.x        QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.x        QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h4.5.x        QuTS hero h4.5.4.2476 build 20230728 and later
QuTScloud c5.x          QuTScloud c5.1.0.2498 and later
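
The fixed-version table is what an operator compares a fleet against, and
the comparison is easy to get wrong: QNAP reuses one version number across
several builds, so a device reporting 5.1.0.2444 build 20230601 is still
vulnerable even though its version number matches the fixed one. The
script below is an editorial example added to this bulletin; it is not
code from QNAP or CERT-Renater. It encodes the table above and decides,
for a version string as shown in Control Panel or collected by an
inventory tool, whether the device is at or past the fixed build. The
version string format it parses and the sample inputs at the bottom are
assumptions made for the example.

```python
import re
from dataclasses import dataclass
from typing import Optional, Tuple

# Fixed versions copied from the QSA-23-37 table above, keyed by
# (product, affected branch). QNAP ships several builds under one version
# number, so the build date is part of the comparison where the table has one.
FIXED = {
    ("QTS", "5.0"): ("5.0.1.2425", "20230609"),
    ("QTS", "5.1"): ("5.1.0.2444", "20230629"),
    ("QTS", "4.5"): ("4.5.4.2467", "20230718"),
    ("QuTS hero", "5.0"): ("5.0.1.2515", "20230907"),
    ("QuTS hero", "5.1"): ("5.1.0.2424", "20230609"),
    ("QuTS hero", "4.5"): ("4.5.4.2476", "20230728"),
    ("QuTScloud", "5"): ("5.1.0.2498", None),   # every c5.x moves to c5.1.0.2498
}

PREFIX_TO_PRODUCT = {"": "QTS", "h": "QuTS hero", "c": "QuTScloud"}
NAMES = {"qts": "QTS", "quts hero": "QuTS hero", "qutscloud": "QuTScloud"}

# Assumed input format: optional product name, optional h/c prefix, dotted
# version, optional "build YYYYMMDD" (e.g. "QuTS hero h5.1.0.2424 build 20230609").
VERSION_RE = re.compile(
    r"^\s*(?:(QTS|QuTS hero|QuTScloud)\s+)?([hc]?)(\d+(?:\.\d+){1,3})"
    r"(?:\s+build\s+(\d{8}))?\s*$", re.IGNORECASE)


@dataclass
class Verdict:
    product: str
    version: str
    build: Optional[str]
    fixed_in: Optional[str]
    fixed: Optional[bool]      # None = cannot be decided from the advisory alone
    reason: str


def parse(version_string: str) -> Tuple[str, str, Optional[str]]:
    """Split a reported version into (product, numeric version, build date)."""
    m = VERSION_RE.match(version_string)
    if not m:
        raise ValueError(f"unrecognised version string: {version_string!r}")
    name, prefix, version, build = m.groups()
    prefix = prefix.lower()
    product = NAMES[name.lower()] if name else PREFIX_TO_PRODUCT[prefix]
    if prefix and PREFIX_TO_PRODUCT[prefix] != product:
        raise ValueError(f"product {name!r} contradicts version prefix {prefix!r}")
    return product, version, build


def _branch(product: str, version: str) -> Optional[str]:
    """Find the table row for this version: major.minor first, then major alone."""
    parts = version.split(".")
    for key in (".".join(parts[:2]), parts[0]):
        if (product, key) in FIXED:
            return key
    return None


def assess(version_string: str) -> Verdict:
    product, version, build = parse(version_string)
    branch = _branch(product, version)
    if branch is None:
        return Verdict(product, version, build, None, None,
                       f"{product} {version} is not a branch listed in QSA-23-37")
    fixed_version, fixed_build = FIXED[(product, branch)]
    have = tuple(int(p) for p in version.split("."))
    need = tuple(int(p) for p in fixed_version.split("."))
    label = fixed_version + (f" build {fixed_build}" if fixed_build else "")
    if have > need:
        return Verdict(product, version, build, label, True, "newer than the fixed version")
    if have < need:
        return Verdict(product, version, build, label, False, "older than the fixed version")
    # Same version number: only the build date separates fixed from unfixed.
    if fixed_build is None:
        return Verdict(product, version, build, label, True, "matches the fixed version")
    if build is None:
        return Verdict(product, version, build, label, None,
                       "same version number but no build date reported; check Firmware Update")
    return Verdict(product, version, build, label, build >= fixed_build,
                   "build date compared against the fixed build")


if __name__ == "__main__":
    # Constructed sample inputs, not real devices.
    for s in ["QTS 5.1.0.2444 build 20230629", "QTS 5.1.0.2444 build 20230601",
              "h5.0.1.2515 build 20230907", "c5.0.1.2300", "QTS 4.4.1.1200"]:
        v = assess(s)
        print(f"{s:34} fixed={v.fixed}  ({v.reason})")
```

A verdict of None is deliberate: a branch the advisory does not list, or a
version string without its build date, cannot be cleared from the table
alone and should be checked on the device.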


Recommendation

To secure your device, we recommend regularly updating your system to 
the latest version to benefit from vulnerability fixes. You can check 
the product support status to see the latest updates available to your 
NAS model.

Updating QTS, QuTS hero, or QuTScloud

     Log in to QTS, QuTS hero, or QuTScloud as an administrator.
     Go to Control Panel > System > Firmware Update.
     Under Live Update, click Check for Update.
     The system downloads and installs the latest available update.

Tip: You can also download the update from the QNAP website. Go to 
Support > Download Center and then perform a manual update for your 
specific device.

Attachment

     CVE-2023-32971.json
     CVE-2023-32972.json

Acknowledgements: Jiaxu Zhao and Bingwei Peng

Revision History:
V1.0 (October 07, 2023) - Published


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
