QNAP Patches Zero-day Vulnerability Exploited by Deadbolt Ransomware
September 6, 2022
QNAP Patches Zero-day Vulnerability Exploited by Deadbolt Ransomware
QNAP has issued a warning to customers of ongoing “DeadBolt” ransomware attacks that started on Saturday by exploiting a zero-day vulnerability in Photo Station.
Affected Products
- QTS 5.0.1 Photo Station Fixed in 6.1.2 and later.
- QTS 5.0.0/4.5.x Photo Station Fixed in 6.0.22 and later.
- QTS 4.3.6 Photo Station Fixed in 5.7.18 and later.
- QTS 4.3.3 Photo Station Fixed in 5.4.15 and later.
- QTS 4.2.6 Photo Station Fixed in 5.2.14 and later.
Mitigation
CYREBRO recommends updating QNAP NAS devices to the latest firmware version
additionally, it is also recommended to disable port forwarding on routers, prevent NAS devices from being accessible through the Internet, use strong passwords for user accounts, and perform regular backups to avoid data loss.
Workaround
Alternatively, QNAP recommends replacing Photo Station with QuMagie, a more secure photo storage management tool for QNAP NAS devices.
References: QNAP Advisory