Cyber Posture

CVE-2025-30273

High

Published: 29 August 2025

Published
29 August 2025
Modified
22 September 2025
KEV Added
Patch
CVSS Score 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
EPSS Score 0.0017 37.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-30273 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Qnap Qts. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 37.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mitigates the CVE by requiring timely remediation through patching to the fixed QNAP OS versions, eliminating the out-of-bounds write vulnerability.

SI-16 Memory Protection good match
prevent

Implements memory protection mechanisms like non-executable memory, address randomization, and write protections to block exploitation of out-of-bounds writes that corrupt or modify memory.

SI-10 Information Input Validation partial match
prevent

Validates and sanitizes inputs to external interfaces, reducing the risk of malformed data triggering the out-of-bounds write in authenticated remote sessions.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

Out-of-bounds write in authenticated network service on QNAP OS directly enables memory corruption exploitable for privilege escalation from a low-privileged account.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in…

more

the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later

Deeper analysisAI

CVE-2025-30273 is an out-of-bounds write vulnerability (CWE-787) affecting several versions of QNAP's QTS and QuTS hero operating systems. Published on 2025-08-29, it carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H), indicating high severity due to its potential for network-based exploitation with low complexity and low privileges required.

A remote attacker who has gained a user account on an affected QNAP device can exploit the vulnerability to modify or corrupt memory. This can result in significant integrity and availability impacts, though confidentiality is not directly affected.

QNAP has fixed the vulnerability in QTS 5.2.5.3145 build 20250526 and later, as well as QuTS hero h5.2.5.3138 build 20250519 and later. Additional details are available in QNAP security advisory QSA-25-21 at https://www.qnap.com/en/security-advisory/qsa-25-21.

Details

CWE(s)
CWE-787

Affected Products

qnap
qts
5.2.0.2737, 5.2.0.2744, 5.2.0.2782, 5.2.0.2802, 5.2.0.2823
qnap
quts hero
h5.2.0.2737, h5.2.0.2782, h5.2.0.2789, h5.2.0.2802, h5.2.0.2823

CVEs Like This One

CVE-2024-53697Same product: Qnap Qts
CVE-2024-53699Same product: Qnap Qts
CVE-2024-38638Same product: Qnap Qts
CVE-2025-48725Same product: Qnap Qts
CVE-2025-52872Same product: Qnap Qts
CVE-2025-66277Same product: Qnap Qts
CVE-2024-53693Same product: Qnap Qts
CVE-2024-14026Same product: Qnap Qts
CVE-2025-52864Same product: Qnap Qts
CVE-2025-30264Same product: Qnap Qts

References