PT-2021-11100 · Qnap · Surveillance Station
Published
2021-02-17
·
Updated
2021-02-22
·
CVE-2020-2501
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Surveillance Station versions prior to 5.1.5.4.3 for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS)
Surveillance Station versions prior to 5.1.5.3.3 for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)
Description:
A stack-based buffer overflow issue has been reported to affect QNAP NAS devices running Surveillance Station, allowing attackers to execute arbitrary code if exploited.
Recommendations:
For Surveillance Station versions prior to 5.1.5.4.3 on ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS), update to version 5.1.5.4.3 or later.
For Surveillance Station versions prior to 5.1.5.3.3 on ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS), update to version 5.1.5.3.3 or later.
Fix
Memory Corruption
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Surveillance Station