Buffer Overflow Vulnerability in HBS 3 Hybrid Backup Sync by QNAP
CVE-2024-53695

6.3MEDIUM

Key Information:

Vendor: QNAP
Status: Hbs 3 Hybrid Backup Sync
Vendor: CVE Published:; 7 March 2025

Summary

A buffer overflow vulnerability in HBS 3 Hybrid Backup Sync could enable remote attackers to manipulate memory or disrupt processes. This flaw was reported and has been addressed in version 25.1.4.952 and later, ensuring enhanced security for users. It is crucial for users to update to the latest version to mitigate potential risks associated with this vulnerability.

Affected Version(s)

HBS 3 Hybrid Backup Sync 25.1.x < 25.1.4.952

References

https://www.qnap.com/en/security-advisory/qsa-25-06

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Mar 7, 2025
Vulnerability Reserved
Nov 22, 2024

Credit

CataLpa of Hatlab, Dbappsecurity Co. Ltd.