CVE-2025-52432

Q: What is the severity of CVE-2025-52432?

CVE-2025-52432 has a CVSS score of 4.9 (MEDIUM). A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects multiple QNAP NAS devices running vulnerable QTS and QuTS hero versions. The vulnerability requires administrative access to exploit.

4.9 MEDIUM

Denial of Service

📋 TL;DR

A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects multiple QNAP NAS devices running vulnerable QTS and QuTS hero versions. The vulnerability requires administrative access to exploit.

💻 Affected Systems

Products:

QNAP QTS
QNAP QuTS hero

Versions: All versions before QTS 5.2.6.3195 build 20250715 and QuTS hero h5.2.6.3195 build 20250715/h5.3.0.3192 build 20250716

Operating Systems: QNAP QTS, QNAP QuTS hero

Default Config Vulnerable: ⚠️ Yes

Notes: Requires administrative credentials for exploitation. All QNAP NAS devices running affected OS versions are vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash requiring physical intervention to restore service, potentially causing extended downtime for critical NAS services.

🟠

Likely Case

Temporary service disruption affecting file sharing, applications, and other NAS functions until system automatically restarts.

🟢

If Mitigated

No impact if proper access controls prevent unauthorized administrative access.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires administrative access, making this primarily an insider threat or credential compromise scenario.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: QTS 5.2.6.3195 build 20250715 or later, QuTS hero h5.2.6.3195 build 20250715 or later, QuTS hero h5.3.0.3192 build 20250716 or later

Vendor Advisory: https://www.qnap.com/en/security-advisory/qsa-25-36

Restart Required: Yes

Instructions:

1. Log into QNAP web interface as admin. 2. Navigate to Control Panel > System > Firmware Update. 3. Check for updates and install latest version. 4. Reboot the NAS when prompted.

🔧 Temporary Workarounds

Restrict Administrative Access

all

Limit administrative account access to trusted IP addresses and users only.

Enable Two-Factor Authentication

all

Require 2FA for all administrative accounts to prevent credential-based attacks.

🧯 If You Can't Patch

Isolate QNAP devices from internet exposure using firewall rules
Implement strict access controls and monitor for unauthorized administrative login attempts

🔍 How to Verify

Check if Vulnerable:

Check QTS/QuTS hero version in Control Panel > System > Firmware Update. Compare against patched versions.

Check Version:

ssh admin@qnap-ip 'cat /etc/config/uLinux.conf | grep version' or check web interface

Verify Fix Applied:

Verify version shows QTS 5.2.6.3195 build 20250715 or later, or QuTS hero h5.2.6.3195 build 20250715/h5.3.0.3192 build 20250716 or later.

📡 Detection & Monitoring

Log Indicators:

Multiple failed admin login attempts followed by system crash logs
Unexpected system reboots or service disruptions

Network Indicators:

Unusual administrative login patterns from unexpected sources
Sudden cessation of NAS services

SIEM Query:

source="qnap-nas" (event_type="authentication_failure" AND user="admin") OR (event_type="system_crash" OR event_type="unexpected_reboot")

📊 Metadata

CVE ID: CVE-2025-52432

CVSS v3 Score: 4.9 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.19% exploit probability (40.6th percentile)

Published: October 3, 2025

Last Updated: October 8, 2025

🔗 References

https://www.qnap.com/en/security-advisory/qsa-25-36 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Qts by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

Quts Hero by Qnap

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Restrict Administrative Access

Enable Two-Factor Authentication

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities