QNAP has released security patches for two zero-day vulnerabilities exploited during the recent Pwn2Own hacking contest. The company fixed critical SQL injection (SQLi) vulnerabilities in its SMB Service and HBS 3 Hybrid Backup Sync disaster recovery and data backup solution.
The first vulnerability, tracked as CVE-2024-50387, was found in QNAP’s SMB Service and allowed researcher YingMuo to gain root access on a QNAP TS-464 NAS device. This vulnerability has been patched in version 4.15.002 and later.
A second zero-day flaw, also fixed by QNAP, was exploited by Viettel Cyber Security during Pwn2Own Ireland 2024 to execute arbitrary commands and hack another TS-464 NAS device. The patch for this vulnerability is available in versions h4.15.002 and later.
QNAP devices are popular targets for cybercriminals due to their use for backing up and storing sensitive personal files. Quickly updating the software on your NAS device can help prevent attacks, as vendors typically take 90 days to release security patches after Pwn2Own. To update your QNAP device, log in to QuTS hero or QTS as an administrator, go to the App Center, search for “SMB Service,” and click “Update.”
Source: https://www.bleepingcomputer.com/news/security/qnap-patches-second-zero-day-exploited-at-pwn2own-to-get-root