Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager

It has been discovered that Kyocera’s Device Manager product contains a security vulnerability that might be used by hostile actors to infiltrate compromised computers and launch harmful attacks.

“This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the ‘Restrict NTLM: Outgoing NTLM traffic to remote servers’ security policy is not enabled,” Trustwave stated.

In an advisory published late last month, Kyocera identified the problem, which is tracked as CVE-2023-50916, as a path traversal vulnerability that allows an attacker to intercept and change a local path referring to the database backup destination read more New Vulnerabilities Discovered in QNAP and Kyocera Device Manager.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *