< securityroom

QSAN Responds to CVE-2022-2031_32742_32744_32745_32746: SAMBA

August  26 , 2022

CVE-2022-32742 allows remote authenticated users to obtain sensitive information via a susceptible version of QSM’s SMB Service.
CVE-2022-2031, CVE-2022-32744, and CVE-2022-32746 allow remote authenticated users to bypass security constraint and conduct denial-of-service attacks via a susceptible version of QSM OS.
None of QSAN's products are affected by CVE-2022-32745 as this vulnerability only affect Samba 4.13 and later.

Applied to

Product Severity Fixed Release Availability
QSM Important Ongoing
XEVO Not Affected N/A
SANOS Not Affected N/A

Mitigation

If you need immediate assistance, please contact QSAN technical support via https://www.qsan.com/en/technical_support.

Detail

Reserved

Reference