← Back to home
ICSA-23-355-02  ·  Published 2023-12-21  ·  View on CISA ICS-CERT ↗

QNAP VioStor NVR

CVSS 8.0 HIGH CISA KEV — Known Exploited

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution by exploiting NTP settings.

CVEs (1)

Remediations

  • QNAP has provided that users should download and apply the latest QVR Firmware.
  • QNAP has stated that QVR Firmware 5.x and 4.x are both end of life.
  • For more information, see QNAP's security advisory.
  • For more information, contact QNAP Support.

Affected Vendors

QNAP

Affected Products (1)

QNAP · VioStor NVR QVR firmware <4.x

Affected Sectors

Commercial Facilities

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more