===================================================================== CERT-Renater Note d'Information No. 2024/VULN017 _____________________________________________________________________ DATE : 08/01/2024 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running QTS, QuTS hero versions prior to 5.1.3.2578 build 20231110, 5.1.4.2596 build 20231128. ===================================================================== https://www.qnap.com/fr-fr/security-advisory/qsa-23-64 https://www.qnap.com/fr-fr/security-advisory/qsa-23-54 https://www.qnap.com/fr-fr/security-advisory/qsa-23-27 _____________________________________________________________________ Security ID : QSA-23-64 Vulnerability in QTS and QuTS hero Release date : January 6, 2024 CVE identifier : CVE-2023-39296 Affected products: QTS 5.1.x, QuTS hero h5.1.x Severity High Status Resolved Summary A prototype pollution vulnerability has been reported to affect certain QNAP operating system versions. If exploited, the vulnerability could allow remote users to override existing attributes with ones that have an incompatible type, which may cause the system to crash. We have already fixed the vulnerability in the following versions: Affected Product Fixed Version QTS 5.1.x QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.x QuTS hero h5.1.3.2578 build 20231110 and later Recommendation To secure your device, we recommend regularly updating your system to the latest version to benefit from vulnerability fixes. You can check the product support status to see the latest updates available to your NAS model. Updating QTS or QuTS hero Log in to QTS or QuTS hero as an administrator. Go to Control Panel > System > Firmware Update. Under Live Update, click Check for Update. The system downloads and installs the latest available update. Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device. Attachment CVE-2023-39296.json Acknowledgements: Anonymous working with SSD Secure Disclosure Revision History: V1.0 (January 06, 2023) - Published _____________________________________________________________________ Security ID : QSA-23-54 Vulnerability in QTS and QuTS hero Release date : January 6, 2024 CVE identifier : CVE-2023-39294 Affected products: QTS 5.1.x, QuTS hero h5.1.x Severity Medium Status Resolved Summary An OS command injection vulnerability has been reported to affect certain QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: Affected Product Fixed Version QTS 5.1.x QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.x QuTS hero h5.1.3.2578 build 20231110 and later Recommendation To secure your device, we recommend regularly updating your system to the latest version to benefit from vulnerability fixes. You can check the product support status to see the latest updates available to your NAS model. Updating QTS or QuTS hero Log in to QTS or QuTS hero as an administrator. Go to Control Panel > System > Firmware Update. Under Live Update, click Check for Update. The system downloads and installs the latest available update. Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device. Attachment CVE-2023-39294.json Acknowledgements: rekter0 Revision History: V1.0 (January 06, 2023) - Published _________________________________________________________________ Security ID : QSA-23-27 Multiple Vulnerabilities in QTS and QuTS hero Release date : January 6, 2024 CVE identifier : CVE-2023-45039 | CVE-2023-45040 | CVE-2023-45041 | CVE-2023-45042 | CVE-2023-45043 | CVE-2023-45044 Affected products: QTS 5.1.x, QuTS hero h5.1.x Severity Low Status Resolved Summary Multiple buffer copy without checking size of input vulnerabilities have been reported to affect certain QNAP operating system versions. If exploited, the vulnerabilities could allow authenticated administrators to execute code via a network. We have already fixed the vulnerabilities in the following versions: Affected Product Fixed Version QTS 5.1.x QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.x QuTS hero h5.1.4.2596 build 20231128 and later Recommendation To secure your device, we recommend regularly updating your system to the latest version to benefit from vulnerability fixes. You can check the product support status to see the latest updates available to your NAS model. Updating QTS or QuTS hero Log in to QTS or QuTS hero as an administrator. Go to Control Panel > System > Firmware Update. Under Live Update, click Check for Update. The system downloads and installs the latest available update. Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device. Attachment CVE-2023-45039.json CVE-2023-45040.json CVE-2023-45041.json CVE-2023-45042.json CVE-2023-45043.json CVE-2023-45044.json Acknowledgements: Jiaxu Zhao && Bingwei Peng Revision History: V1.0 (January 06, 2024) - Published ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================