QNAP NAS Elevation of Privilege Vulnerability
Release Date: 4 May 2026
RISK: Medium Risk
TYPE: Servers - Other Servers
A vulnerability was identified in QNAP NAS. A local attacker can exploit this vulnerability to trigger elevation of privilege on the targeted system.
Note:
CVE-2026-31431 is being exploited in the wild. A local privilege escalation vulnerability, commonly known as "Copy Fail", has been reported to affect the Linux kernel. If exploited, this vulnerability could allow an authenticated, non-administrator user with code execution capabilities to obtain elevated system privileges.
Impact
- Elevation of Privilege
System / Technologies affected
- QTS on specific QNAP ARM64 NAS models running Kernel 5.10
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
沒有留言:
發佈留言