Top NAS Devices Are Being Targeted By This Dangerous Malware

[ad_1]

IoT cybersecurity company Sternum has identified a security vulnerability affecting Zyxel Networks’ Linux-operated NAS drives, including NAS326, NAS540, and NAS542 models, running on firmware version 5.21.

Zyxel Networks’ advisory reads: “The post-authentication command injection vulnerability has been found in the web management interface of some NAS versions,” citing firmware 5.21 and previous versions.

Users are being urged to patch their NAS drives with the latest firmware, which is also identified as 5.21, in order to protect their devices.

Zyxel Networks NAS owners urged to apply patch

Specifically, NAS326 owners are being told to update from 5.21 (AAZF.12)C0 to (AAZF.13)C0, NAS540 from (AATB.9)C0 to (AATB.10)C0, and NAS542 from (ABAG.9)C0 to (ABAG.10)C0. The updates are available from the Zyxel website.

Sternum’s Noam Zhitomirsky, Reuven Yakar, Dean Zavadski, and Amit Serper are credited with notifying the NAS maker of the vulnerability, which was marked as CVE-2023-27988 on May 30, 2023.

In a press release, Sternum said: “Sternum security researchers were in the process of scanning one of the Zyxel NAS units as part of the company’s standard lab deployment process when a “Dangerous String Format” alert was triggered by one of the security logics in the Sternum security platform.”

The problem was pinpointed as being with the ntpdate_date process, which left a vulnerability allowing an authenticated user to execute an arbitrary system command with root privileges on the system.

Sternum stressed that this could allow hackers to inject remote malware onto unsuspecting NAS drive owners’ devices.

While Zyxel’s quickly-issued patch will fix the issue, Sternum’s researchers believe that other companies’ drives could be vulnerable to similar issues, urging customers and consumers to always keep an eye out for company announcements and apply patches as soon as they become available.

Looking to take your storage entirely off-prem? Check out the best cloud storage providers

[ad_2]
#Top #NAS #devices #targeted #dangerous #malware

Top NAS devices are being targeted by this dangerous malware

Leave a Comment Cancel reply

Product Highlight

Recent Posts

SSC all exams, links is here

SC-ST Act misuse: Supreme Court`s BIG decision for fair trial, says casteist slurs away from public not an offence

`Affects their reputation and standing`: India on reports of China`s on-site support to Pakistan during Op Sindoor

NEET 2026 leak probe deepens as CBI, Rajasthan Police detain 16 across multi-state network

SC to hear plea against Madras HC order barring TVK MLA from floor test proceedings tomorrow

One intruder killed as army foils infiltration bid along LoC in Poonch sector of J-K

Who is Radhan Pandit Vettrivel? Vijay appoints his astrologer as Officer on Special Duty to CM in Tamil Nadu govt

NEET Paper Leak Controversy: How many times has NEET faced paper leak allegations? Check full timeline

No LPG, fuel shortage; Govt clarifies amid Global energy crisis, urges for conservation

Delhi HC issues notice on plea seeking free broadcast of FIFA World Cup 2026 in India

How under Palaniswami, AIADMK is writing the story of its own collapse | Analysis

Welcome

Categorys

Site Links