Patch Now: QNAP Security Update for CVE-2022-27596
A critical SQL injection flaw in QNAP appliances (CVE-2022-27596) was disclosed on January 30th. Exploitation would allow an unauthenticated remote attacker to execute injected malicious code. The flaw has not been observed being exploited in the wild at this time, but MSPs should expect that once an exploit is available it will lead to ransomware attacks; the Deadbolt ransomware group is well known for targeting QNAP NAS devices. Censys, a security company that conducts internet attack surface mapping, estimates that nearly 30,000 vulnerable, internet-facing QNAP appliances are exposed to future exploitation. MSPs that operate, or assist SMBs in operating, affected QNAP NAS appliances should PATCH NOW.
-Kaseya Vulnerability Management Team