Security ID : QSA-24-41
Vulnerability in HBS 3 Hybrid Backup Sync (PWN2OWN 2024)
Release date : October 29, 2024
CVE identifier : CVE-2024-50388
Affected products: HBS 3 Hybrid Backup Sync 25.1.x
Severity
Critical
Status
Resolved
Summary
A vulnerability has been reported to affect HBS 3 Hybrid Backup Sync.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version | OS |
| HBS 3 Hybrid Backup Sync 25.1.x | HBS 3 Hybrid Backup Sync 25.1.1.673 and later | QTS 5.2.x, 5.1.x QuTS hero h5.2.x, h5.1.x |
Recommendation
To fix the vulnerability, we recommend updating HBS 3 Hybrid Backup Sync to the latest version.
Updating HBS 3 Hybrid Backup Sync
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "HBS 3 Hybrid Backup Sync" and then press ENTER.
HBS 3 Hybrid Backup Sync appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your HBS 3 Hybrid Backup Sync is already up to date. - Click OK.
The application is updated.
Attachment
Acknowledgements: Pwn2Own 2024 - Viettel Cyber Security
Revision History:
V1.0 (October 29, 2024) - Published
