{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-115.pdf"
    },
    "title": "QNAP NAS Zero-Day Vulnerabilities",
    "serial_number": "2024-115",
    "publish_date": "31-10-2024 12:18:46",
    "description": "On October 29 and 30, 2024, QNAP released patches for two critical zero-day vulnerabilities, CVE-2024-50387 and CVE-2024-50388, affecting NAS devices. These vulnerabilities allow remote attackers to execute arbitrary commands and gain root access on vulnerable devices.<br>\n",
    "url_title": "2024-115",
    "content_markdown": "---\ntitle: 'QNAP NAS Zero-Day Vulnerabilities'\nnumber: '2024-115'\nversion: '1.0'\noriginal_date: 'October 29, 2024'\ndate: 'October 31, 2024'\n---\n\n_History:_\n\n* _31/10/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn October 29 and 30, 2024, QNAP released patches for two critical zero-day vulnerabilities, **CVE-2024-50387** and **CVE-2024-50388**, affecting NAS devices. These vulnerabilities allow remote attackers to execute arbitrary commands and gain root access on vulnerable devices [1,2]. Both vulnerabilities were demonstrated at Pwn2Own before the patches were available [3,4].\n\n\n# Technical Details\n\nThe vulnerability **CVE-2024-50387** is a SQL injection in QNAP's SMB Service. It could allow remote attackers to execute unauthorized commands on the NAS and potentially gain a root shell [1,4].\n\nThe vulnerability **CVE-2024-50388** is an OS command injection in HBS 3 Hybrid Backup Sync. It could allow remote attackers to execute arbitrary commands on affected devices [2,3].\n\n# Affected Products\n\n**CVE-2024-50387**\n\n- SMB Service before version 4.15.002 (QTS)\n- SMB Service before version h4.15.002 (QuTS hero)\n\n**CVE-2024-50388**\n\n- HBS 3 Hybrid Backup Sync before version 25.1.1.673\n\n# Recommendations\n\nCERT-EU recommends applying the updates to affected devices as soon as possible. Both SMB Service and HBS 3 Hybrid Backup Sync are applications updated through the App Center on QTS and QuTS hero, independently of the firmware version, so the installed version of each application should be checked against the fixed versions listed above rather than relying on the firmware level alone.\n\n# References\n\n[1] <https://www.qnap.com/fr-fr/security-advisory/qsa-24-42>\n\n[2] <https://www.qnap.com/fr-fr/security-advisory/qsa-24-41>\n\n[3] <https://www.bleepingcomputer.com/news/security/qnap-fixes-nas-backup-software-zero-day-exploited-at-pwn2own/>\n\n[4] <https://www.bleepingcomputer.com/news/security/qnap-patches-second-zero-day-exploited-at-pwn2own-to-get-root/>\n\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>31/10/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On October 29 and 30, 2024, QNAP released patches for two critical zero-day vulnerabilities, <strong>CVE-2024-50387</strong> and <strong>CVE-2024-50388</strong>, affecting NAS devices. These vulnerabilities allow remote attackers to execute arbitrary commands and gain root access on vulnerable devices [1,2]. Both vulnerabilities were demonstrated at Pwn2Own before the patches were available [3,4].</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability <strong>CVE-2024-50387</strong> is a SQL injection in QNAP's SMB Service. It could allow remote attackers to execute unauthorized commands on the NAS and potentially gain a root shell [1,4].</p><p>The vulnerability <strong>CVE-2024-50388</strong> is an OS command injection in HBS 3 Hybrid Backup Sync. It could allow remote attackers to execute arbitrary commands on affected devices [2,3].</p><h2 id=\"affected-products\">Affected Products</h2><p><strong>CVE-2024-50387</strong></p><ul><li>SMB Service before version 4.15.002 (QTS)</li><li>SMB Service before version h4.15.002 (QuTS hero)</li></ul><p><strong>CVE-2024-50388</strong></p><ul><li>HBS 3 Hybrid Backup Sync before version 25.1.1.673</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU recommends applying the updates to affected devices as soon as possible. Both SMB Service and HBS 3 Hybrid Backup Sync are applications updated through the App Center on QTS and QuTS hero, independently of the firmware version, so the installed version of each application should be checked against the fixed versions listed above rather than relying on the firmware level alone.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.qnap.com/fr-fr/security-advisory/qsa-24-42\">https://www.qnap.com/fr-fr/security-advisory/qsa-24-42</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.qnap.com/fr-fr/security-advisory/qsa-24-41\">https://www.qnap.com/fr-fr/security-advisory/qsa-24-41</a></p><p>[3] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/security/qnap-fixes-nas-backup-software-zero-day-exploited-at-pwn2own/\">https://www.bleepingcomputer.com/news/security/qnap-fixes-nas-backup-software-zero-day-exploited-at-pwn2own/</a></p><p>[4] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/security/qnap-patches-second-zero-day-exploited-at-pwn2own-to-get-root/\">https://www.bleepingcomputer.com/news/security/qnap-patches-second-zero-day-exploited-at-pwn2own-to-get-root/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}