📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
About FAQ Contact Us Terms of Service Privacy Policy 🌐 العربية
🔐

Welcome — Sign in or create an account for full access.

🔑 Sign In ✨ Register
🌐 العربية Sign In Create Account
🔧 Scheduled Maintenance — Saturday 2:00-4:00 AM AST. Some features may be temporarily unavailable.    ●   
💎
Pro Plan 50% Off Unlock all AI features, unlimited reports, and priority support. Upgrade
Search Center
ESC to close
navigate open Ctrl+K search
CISO Consulting
Global vulnerability Artificial Intelligence and Technology HIGH 16m Global general Technology and Artificial Intelligence MEDIUM 3h Global general Technology and Artificial Intelligence HIGH 4h Global vulnerability Higher Education CRITICAL 13h Global data_breach Government HIGH 14h Global supply_chain Software Development and Open Source Communities CRITICAL 14h Global malware Software Development CRITICAL 14h Global phishing Multiple Sectors HIGH 15h Global vulnerability Web Applications CRITICAL 15h Global apt Critical Infrastructure CRITICAL 16h Global vulnerability Artificial Intelligence and Technology HIGH 16m Global general Technology and Artificial Intelligence MEDIUM 3h Global general Technology and Artificial Intelligence HIGH 4h Global vulnerability Higher Education CRITICAL 13h Global data_breach Government HIGH 14h Global supply_chain Software Development and Open Source Communities CRITICAL 14h Global malware Software Development CRITICAL 14h Global phishing Multiple Sectors HIGH 15h Global vulnerability Web Applications CRITICAL 15h Global apt Critical Infrastructure CRITICAL 16h Global vulnerability Artificial Intelligence and Technology HIGH 16m Global general Technology and Artificial Intelligence MEDIUM 3h Global general Technology and Artificial Intelligence HIGH 4h Global vulnerability Higher Education CRITICAL 13h Global data_breach Government HIGH 14h Global supply_chain Software Development and Open Source Communities CRITICAL 14h Global malware Software Development CRITICAL 14h Global phishing Multiple Sectors HIGH 15h Global vulnerability Web Applications CRITICAL 15h Global apt Critical Infrastructure CRITICAL 16h
Vulnerabilities

CVE-2025-9110

High
QNAP QTS/QuTS hero Sensitive System Information Exposure Vulnerability (CVE-2025-9110)
CWE-497 — Weakness Type
Published: Jan 2, 2026  ·  Modified: Feb 28, 2026  ·  Source: NVD
CVSS v3
7.5
🔗 NVD Official
📄 Description (English)

An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.

We have already fixed the vulnerability in the following versions:
QTS 5.2.8.3332 build 20251128 and later
QuTS hero h5.2.8.3321 build 20251117 and later
QuTS hero h5.3.1.3250 build 20250912 and later

🤖 AI Executive Summary

CVE-2025-9110 is a high-severity information disclosure vulnerability in QNAP NAS operating systems (QTS and QuTS hero) that allows remote attackers to read sensitive application data through exposure of system information. The vulnerability affects multiple QTS 5.2.x versions released between April 2024 and January 2025, with patches available in newer builds. Organizations using affected QNAP devices should prioritize immediate patching to prevent unauthorized data access.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 2, 2026 23:37
🇸🇦 Saudi Arabia Impact Assessment
Saudi organizations using QNAP NAS devices for data storage and backup are at significant risk, particularly in banking sector (for transaction records and customer data), government agencies (for classified documents and citizen records), healthcare institutions (for patient medical records), and energy sector (for operational data). ARAMCO, SAMA-regulated financial institutions, and government ministries relying on QNAP infrastructure for data management face potential exposure of sensitive business intelligence, financial records, and operational information. The vulnerability could facilitate data exfiltration and compliance violations under SAMA CSF and NCA ECC requirements.
🏢 Affected Saudi Sectors
Banking and Financial Services Government and Public Administration Healthcare and Medical Institutions Energy and Utilities Telecommunications Oil and Gas Education Retail and E-commerce
⚖️ Saudi Risk Score (AI)
7.8
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:

1. Identify all QNAP NAS devices running affected QTS versions (5.2.0.2737 through 5.2.3.3006 builds before specified dates)

2. Isolate affected devices from production networks if immediate patching is not possible

3. Review access logs for unauthorized data access attempts



PATCHING GUIDANCE:

1. Update QTS to version 5.2.8.3332 build 20251128 or later

2. Update QuTS hero to h5.2.8.3321 build 20251117 or later

3. Update QuTS hero to h5.3.1.3250 build 20250912 or later

4. Test patches in non-production environment before deployment

5. Schedule maintenance windows for patching to minimize business disruption



COMPENSATING CONTROLS (if immediate patching delayed):

1. Implement network segmentation to restrict access to QNAP devices

2. Enable authentication and access controls on NAS shares

3. Monitor network traffic for suspicious data exfiltration patterns

4. Disable unnecessary services and remote access protocols

5. Implement firewall rules to limit QNAP device accessibility



DETECTION RULES:

1. Monitor for unusual outbound connections from QNAP devices

2. Alert on access to sensitive application data directories

3. Track failed and successful authentication attempts to NAS

4. Monitor system logs for information disclosure indicators

5. Implement SIEM rules for data exfiltration patterns
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:

1. تحديد جميع أجهزة QNAP NAS التي تعمل بإصدارات QTS المتأثرة (5.2.0.2737 إلى 5.2.3.3006 قبل التواريخ المحددة)

2. عزل الأجهزة المتأثرة عن شبكات الإنتاج إذا لم يكن التصحيح الفوري ممكناً

3. مراجعة سجلات الوصول لمحاولات الوصول غير المصرح بها



إرشادات التصحيح:

1. تحديث QTS إلى الإصدار 5.2.8.3332 build 20251128 أو أحدث

2. تحديث QuTS hero إلى h5.2.8.3321 build 20251117 أو أحدث

3. تحديث QuTS hero إلى h5.3.1.3250 build 20250912 أو أحدث

4. اختبار التصحيحات في بيئة غير الإنتاج قبل النشر

5. جدولة نوافذ الصيانة للتصحيح لتقليل انقطاع الأعمال



الضوابط البديلة (إذا تأخر التصحيح الفوري):

1. تنفيذ تقسيم الشبكة لتقييد الوصول إلى أجهزة QNAP

2. تفعيل المصادقة والتحكم في الوصول على مشاركات NAS

3. مراقبة حركة المرور على الشبكة للكشف عن أنماط تسرب البيانات المريبة

4. تعطيل الخدمات غير الضرورية وبروتوكولات الوصول البعيد

5. تنفيذ قواعد جدار الحماية لتحديد إمكانية الوصول إلى جهاز QNAP



قواعد الكشف:

1. مراقبة الاتصالات الخارجية غير العادية من أجهزة QNAP

2. التنبيه على الوصول إلى دلائل بيانات التطبيق الحساسة

3. تتبع محاولات المصادقة الفاشلة والناجحة على NAS

4. مراقبة سجلات النظام لمؤشرات الكشف عن المعلومات

5. تنفيذ قواعد SIEM لأنماط تسرب البيانات
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.5.1.1 - Access Control and Authentication ECC 2024 A.5.2.1 - User Access Management ECC 2024 A.6.1.1 - Information Classification ECC 2024 A.6.2.1 - Information Handling ECC 2024 A.12.6.1 - Management of Technical Vulnerabilities
🔵 SAMA CSF
SAMA CSF ID.AM-2 - Software Inventory SAMA CSF PR.AC-1 - Access Control SAMA CSF PR.DS-1 - Data Security SAMA CSF DE.CM-1 - System Monitoring SAMA CSF RS.MI-2 - Incident Recovery
🟡 ISO 27001:2022
ISO 27001:2022 A.5.1 - Policies for Information Security ISO 27001:2022 A.6.1 - Organization of Information Security ISO 27001:2022 A.8.1 - Asset Management ISO 27001:2022 A.8.2 - Classification of Information ISO 27001:2022 A.12.6 - Management of Technical Vulnerabilities
🟣 PCI DSS v4.0.1
PCI DSS 2.4 - Configuration Standards PCI DSS 6.2 - Security Patches PCI DSS 10.2 - Logging and Monitoring PCI DSS 11.2 - Vulnerability Scanning
📦 Affected Products / CPE 38 entries
qnap:qts:5.2.0.2737
qnap:qts:5.2.0.2744
qnap:qts:5.2.0.2782
qnap:qts:5.2.0.2802
qnap:qts:5.2.0.2823
qnap:qts:5.2.0.2851
qnap:qts:5.2.0.2860
qnap:qts:5.2.1.2930
qnap:qts:5.2.2.2950
qnap:qts:5.2.3.3006
qnap:qts:5.2.4.3070
qnap:qts:5.2.4.3079
qnap:qts:5.2.4.3092
qnap:qts:5.2.5.3145
qnap:qts:5.2.6.3195
qnap:qts:5.2.6.3229
qnap:qts:5.2.7.3256
qnap:qts:5.2.7.3297
qnap:quts_hero:h5.2.0.2737
qnap:quts_hero:h5.2.0.2782
qnap:quts_hero:h5.2.0.2789
qnap:quts_hero:h5.2.0.2802
qnap:quts_hero:h5.2.0.2823
qnap:quts_hero:h5.2.0.2851
qnap:quts_hero:h5.2.0.2860
qnap:quts_hero:h5.2.1.2929
qnap:quts_hero:h5.2.1.2940
qnap:quts_hero:h5.2.2.2952
qnap:quts_hero:h5.2.3.3006
qnap:quts_hero:h5.2.4.3070
qnap:quts_hero:h5.2.4.3079
qnap:quts_hero:h5.2.5.3138
qnap:quts_hero:h5.2.6.3195
qnap:quts_hero:h5.2.7.3256
qnap:quts_hero:h5.2.7.3297
qnap:quts_hero:h5.3.0.3115
qnap:quts_hero:h5.3.0.3145
qnap:quts_hero:h5.3.0.3192
📊 CVSS Score
7.5
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack VectorN — None / Network
Attack ComplexityL — Low / Local
Privileges RequiredN — None / Network
User InteractionN — None / Network
ScopeU — Unchanged
ConfidentialityH — High
IntegrityN — None / Network
AvailabilityN — None / Network
📋 Quick Facts
Severity High
CVSS Score7.5
CWECWE-497
EPSS0.02%
Exploit No
Patch ✓ Yes
Published 2026-01-02
Source Feed nvd
Views 5
🇸🇦 Saudi Risk Score
7.8
/ 10.0 — Saudi Risk
Priority: HIGH
🏷️ Tags
CWE-497
🏢 Vendor Advisories
🔗 https://www.qnap.com/en/security-advisory/qsa-25-51
⚡ Actions
🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details
Share this CVE
LinkedIn X / Twitter WhatsApp Telegram

💬 Comments

0
Loading comments
📣 Found this valuable?
Share it with your cybersecurity network
in LinkedIn 𝕏 X / Twitter 💬 WhatsApp ✈ Telegram
🍪 Privacy Preferences
CISO Consulting — Compliant with Saudi Personal Data Protection Law (PDPL)
We use cookies and similar technologies to provide the best experience on our platform. You can choose which types you accept.
🔒
Essential Always On
Required for the website to function properly. Cannot be disabled.
📋 Sessions, CSRF tokens, authentication, language preferences
📊
Analytics
Help us understand how visitors use the site and improve performance.
📋 Page views, session duration, traffic sources, performance metrics
⚙️
Functional
Enable enhanced features like content personalization and preferences.
📋 Dark/light theme, font size, custom dashboards, saved filters
📣
Marketing
Used to deliver content and ads relevant to your interests.
📋 Campaign tracking, retargeting, social media analytics
Privacy Policy →
CISO AI Assistant
Ask anything · Documents · Support
🔐

Introduce Yourself

Enter your details to access the full assistant

Your info is private and never shared
💬
CyberAssist
Online · responds in seconds
5 / 5
🔐 Verify Your Identity

Enter your email to receive a verification code before submitting a support request.

Enter to send · / for commands 0 / 2000
CISO AI · Powered by Anthropic Claude
✦ Quick Survey Help Us Improve CISO Consulting Your feedback shapes the future of our platform — takes less than 2 minutes.
⚠ Please answer this question to continue

How would you rate your overall experience with our platform?

Rate from 1 (poor) to 5 (excellent)

🎉
Thank you!
Your response has been recorded.