CVE-2022-27593
DeadBolt Ransomware
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- March 21, 2022
- Published Date
- September 08, 2022
- Last Updated
- February 03, 2025
- Vendor
- QNAP Systems Inc.
- Product
- Photo Station
- Description
- An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later
- Tags
- Exploitation
- active
- Automatable
- Yes
- Technical Impact
- partial
cisa
malware
ransomware
nuclei_scanner
CVSS Scores
CVSS v3.1
10.0 - CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
SSVC Information
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-09-08 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-27593.yaml | 2025-04-26 00:00:00 UTC |
Timeline
-
CVE ID Reserved
-
Exploit Used in Malware
-
Added to KEVIntel
-
CVE Published to Public
-
Detected by Nuclei