QNAP Warns of Critical Vulnerability in Hybrid Backup Sync 3

NAS manufacturer QNAP warns Hybrid Backup Sync (HBS) 3 users of a critical vulnerability that could allow attackers to compromise the operating system's security. A security update has been released to address the vulnerability. It is an "improper access control" vulnerability, but further details are not provided by QNAP.

HBS 3 is a backup and restore solution. It supports a variety of local, remote server, and cloud storage services. A few weeks ago, QNAP NAS systems were infected with the Qlocker ransomware through another vulnerability in HBS 3.

Users are advised to update through the App Center to:

QTS 4.3.6: HBS 3 v3.0.210507 and newer

QTS 4.3.4: HBS 3 v3.0.210506 and newer

QTS 4.3.3: HBS 3 v3.0.210506 and newer

QNAP NAS with QTS 4.5.x with HBS 3 v16.x is not vulnerable.

Previous Post Next Post