QNAP informs its customers that certain NAS Appliances performing specific versions of the QTS operating system, are vulnerable to attacks trying to exploit the critical vulnerability of Windows, ZeroLogon (CVE-2020-1472).
Microsoft says that already many state hacking financially motivated groups and criminals, use this vulnerability to carry out attacks.
According to QNAP, this vulnerability, which gives the attacker more privileges in the system, allows the circumvention of security measures via a compromised QTS device on the network.
"NAS devices may be vulnerable to ZeroLogon vulnerability if users have configured the device as domain controller in Control Panel> Network & File Services> Win / Mac / NFS> Microsoft Networking", Says the company.
QNAP offers security updates
QNAP urges its customers to update the QTS operating system immediately on their NAS devices, as well as all installed ones applications, so as not to risk attacks that exploit the Zerologon vulnerability.
According to company, QTS 2.x and QES versions are not affected from vulnerability CVE-2020-1472. Additionally, the vulnerability has been fixed for the following versions:
- QTS 126.96.36.1996 build 20201015 and later versions
- QTS 188.8.131.529 build 20200925 and later versions
- QTS 184.108.40.2066 build 20200929 and later versions
- QTS 220.127.116.113 build 20201006 and later versions
- QTS 18.104.22.1682 build 20201006 and later versions
Users will be able to install the latest QTS update by downloading it from QNAP Download Center ή automatically following this procedure:
- Log in to QTS as an administrator.
- Go to Control Panel> System> Firmware Update.
- In the Live Update section, click Check for Updates.
- QTS downloads and installs the latest available update.
According to Bleepingcomputer, to update the applications installed on their NAS devices, users must follow the steps described in detail in company guide.
Some time ago, QNAP fixed two critical bugs in the application Helpdesk that could allow intruders to take control of uninformed NAS devices, and warned of increase of ransomware attacks targeting these devices.