Asustor Security Advisory Severe Vulnerability Detected Update Surveillance Center Now

Asustor, Inc. had published a security advisory concerning a vulnerability of Surveillance Center App using by its NAS systems.

An emergency update is being pushed for Surveillance Center in response to a severe vulnerability detected in the software that could potentially allow an attacker to gain control elevated privileges to execute code on ADM NAS OS to install malware. This update fixes this underlying vulnerability. Asustor strongly urges all users of Surveillance Center for ADM to install the latest version as soon as possible to protect themselves and to minimize the risk of malware infection. The company also recommends taking additional security measures to guard against the potential harms of malware in accordance with previously announced protective measures.

The company strongly recommends taking following actions to ensure your data is secure:

• Change your password.

• Use a strong password.

• Change default HTTP and HTTPS ports. Default ports are 8000 and 8001 respectively.

• Turn off Terminal/SSH and SFTP services and other services you do not use.

• Make regular backups and ensure backups are up to date.

• Turn on and update snapshots if available.

• Enable the AbuseIPDB risk detection greylist.