CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Sep 29, 2022
High
CISA KEVRansomwareCVE-2022-27593
QNAP—Photo Station
Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.
Required Action
https://www.qnap.com/en/security-advisory/qsa-22-24; https://nvd.nist.gov/vuln/detail/CVE-2022-27593
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Known
- Published
- Sep 8, 2022
- KEV Added
- Sep 8, 2022
- Due Date
- Sep 29, 2022
- Related Articles
- 0
Vendor
QNAP
Photo Station