CVE-2025-53589

Name of the Vulnerable Software and Affected Versions QNAP versions prior to QTS 5.2.7.3256 build 20250913 QNAP versions prior to QuTS hero h5.2.7.3256 build 20250913 QNAP versions prior to QuTS hero h5.3.1.3250 build 20250912

Description A NULL pointer dereference issue exists in QNAP operating systems. A remote attacker gaining administrator account access can exploit this to cause a denial-of-service (DoS) condition. A NULL pointer dereference occurs when a program attempts to access a memory location that has not been assigned a valid value, leading to unpredictable behavior and potentially crashing the system.

Recommendations Update QTS to version 5.2.7.3256 build 20250913 or later. Update QuTS hero to version h5.2.7.3256 build 20250913 or later. Update QuTS hero to version h5.3.1.3250 build 20250912 or later.