Download PDF version Contact company

QNAP® Systems Inc. recently announced firmware updates for Turbo NAS systems with vulnerability to the OpenSSL Heartbleed bug (CVE-2014-0160). The operating systems vulnerable to Heartbleed are QTS versions 4.0 and 4.1. Versions 3.8 and earlier use a different version of OpenSSL and are not affected by the OpenSSL Heartbleed bug.

As described on the Common Vulnerabilities and Exposures website, the OpenSSL 1.0.1 TLS and DTLS implementation, before 1.0.1g, does not properly process Heartbeat Extension packets which allow remote attackers to obtain sensitive information by reading private keys (aka the Heartbleed bug).

“We strongly urge users of vulnerable Turbo NAS systems to update their firmware,” said Jason Hsu, Product Manager of QNAP. “Users are also recommended to contact their SSL providers to regenerate their SSL CSR/keys for server protection.

Download PDF version Download PDF version

Related videos

ROAMEO Gen 4 patrolling St. Louis in support of NCAA Frozen four championship

ROAMEO Gen 4 patrolling St. Louis in support of NCAA Frozen four championship
Overcoming security challenges in digital access: Expert tips & insights

Overcoming security challenges in digital access: Expert tips & insights
SARISA firing tests

SARISA firing tests

In case you missed it

How is AI transforming physical security?
How is AI transforming physical security?

In the physical security marketplace, artificial intelligence (AI) has evolved beyond the novelty phase. The emphasis has now shifted to the more practical aspects of implementing...

Sunprime & Dahua: Advanced security for solar plants
Sunprime & Dahua: Advanced security for solar plants

Founded in 2020 by a team of energy professionals in Milan, Sunprime is a fast-growing independent renewable energy producer that develops sustainable photovoltaic plants across It...

ISC West update: New SoCs inside cameras drive intelligence at the edge
ISC West update: New SoCs inside cameras drive intelligence at the edge

For all the emphasis on cloud systems and centralised servers at ISC West, a lot of innovation in security video systems is happening at the edge. New advancements inside video c...

Featured white papers
Using artificial intelligence (AI) to automate physical security systems

Using artificial intelligence (AI) to automate physical security systems

Download
A modern guide to data loss prevention

A modern guide to data loss prevention

Download
7 proven solutions for law enforcement key control and asset management

7 proven solutions for law enforcement key control and asset management

Download
The truth behind 9 mobile access myths

The truth behind 9 mobile access myths

Download
Access control system planning phase 2

Access control system planning phase 2

Download
Quick poll
Which trend do you think will define physical security in the next 5 years?
More product news
SICNT releases MASHEN N2, its 4 and 8 channels super mini NVR

SICNT releases MASHEN N2, its 4 and 8 channels super mini NVR
Dahua expands its Eco-Savvy 3- Megapixel 5000-series network cameras

Dahua expands its Eco-Savvy 3- Megapixel 5000-series network cameras
Dahua launches its 3MP Ultra-Smart network camera, DH-IPC-8000

Dahua launches its 3MP Ultra-Smart network camera, DH-IPC-8000
Featured products
Anviz W2 Face Hybrid Biometric Time Attendance & Access Control Terminal

Anviz W2 Face Hybrid Biometric Time Attendance & Access Control Terminal
Morse Watchmans SmartKey Locker® Touch

Morse Watchmans SmartKey Locker® Touch
Dahua AI-powered 8MP TiOC Pro WizColor Eyeball Camera

Dahua AI-powered 8MP TiOC Pro WizColor Eyeball Camera