Cyber Posture

CVE-2024-53695

Critical

Published: 07 March 2025

Published
07 March 2025
Modified
16 January 2026
KEV Added
Patch
CVSS Score 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score 0.0079 74.0th percentile
Risk Priority 19 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Security Summary

CVE-2024-53695 is a buffer overflow vulnerability (CWE-120, CWE-121) in HBS 3 Hybrid Backup Sync from QNAP, published on 2025-03-07. The flaw affects this backup synchronization software, earning a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H), indicating critical severity due to its potential for high impact on integrity and availability without confidentiality compromise.

Remote attackers can exploit the vulnerability over the network with low attack complexity, requiring no privileges, authentication, or user interaction. Exploitation enables arbitrary memory modification, potentially leading to data tampering or process crashes, which could disrupt backup operations or enable further compromise depending on the attacker's goals.

QNAP has mitigated the issue in HBS 3 Hybrid Backup Sync version 25.1.4.952 and later. Administrators should update affected systems immediately, as detailed in the vendor's security advisory at https://www.qnap.com/en/security-advisory/qsa-25-06.

Details

CWE(s)
CWE-120CWE-121

Affected Products

qnap
hybrid backup sync
25.1.0.627 — 25.1.4.952

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1565.001 Stored Data Manipulation Impact
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
attack.mitre.org →
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
attack.mitre.org →
Why these techniques?

Remote buffer overflow in public-facing backup sync service enables T1190 for initial exploitation; arbitrary memory modification facilitates T1565.001 data tampering; process crashes enable T1499.004 DoS via application exploitation.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

References