QNAP urges customers to update now to stay safe from dangerous security flaw

Another QNAP attack, and another quick security patch

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A new exploit has been discovered that affects QNAP customers running the latest versions of itsoperating systems: QTS 5.0.1 and QuTS hero h.5.0.1, but don’t worry, apply this patch and you should be good.

The vulnerability is said to allow threat actors to inject malicious code, and has been awarded a common vulnerability scoring system (CVSS) score of 9.8 (out of 10), rendering it of critical importance.

We’re unsure what the implications would be should a cyberattack take place, however QNAP is urging its customers to stay up to date and patch immediately.

TechRadar Pro needs you!We want to build a better website for our readers, and we need your help! You can do your bit by filling outour surveyand telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

QNAP security patch

The exploit, codenamed CVE-2022-27596, is marked as ‘resolved’ on the company’swebsite, which details how users can check for firmware upgrades.

QNAP NAS users should navigate to Control Panel > System > Firmware Update, and select Check for Update under Live Update. Users can also perform a manual update by downloading the firmware from Support > Download Center.

The vulnerability has been fixed in the following versions:

These are the best endpoint protection software choices>QNAP NAS customers told to update now to protect against attack>Deadbolt ransomware is being used to target NAS vendors and customers

This isn’t the first time that QNAP customers have been urged to take action in order to prevent a cyberattack. In fact, the company is regularly under attack. That said, for the most part, it has responded promptly to exploits and issued timely patches, giving its users peace of mind that it’s committed to protecting their data.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Moreover, NAS attacks are an unfortunately common occurrence, and users of all device types are urged to protect their data as best they can. This can include using strong credentials and authentication, and usingVPNsandfirewalls,among other things.

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics