BRIEF

Zero-Day · ActiveRisk: HighRegion: GlobalHub: Global IntelligenceBrief #00414Priority Score: 85Zero-Day · ActiveRisk: HighRegion: GlobalHub: Global IntelligenceBrief #00414Priority Score: 85

QNAP Patches Four Critical Vulnerabilities Demonstrated at Pwn2Own Ireland 2025

HIGH RISK

BRIEF #00414

Zero-Day Global Global Intelligence

QNAP Patches Four Critical Vulnerabilities Demonstrated at Pwn2Own Ireland 2025

March 24, 2026 at 03:01 AM

Priority85

Technology · Telecommunications · Enterprise Infrastructure

2.2

Always First

Executive Risk Brief

HIGH RISK

Incident Type

Zero-Day

Risk Level

High

Affected Sectors

Technology, Telecommunications, Enterprise Infrastructure

Geographic Impact

Global

Severity Index

85 / 100

ALERT

Immediate Enterprise Concern

The primary risk is the exploitation of unpatched SD-WAN routers by threat actors to gain root access and establish persistent control over enterprise network infrastructure.

2.3

Incident Overview

What Happened

During the Pwn2Own Ireland 2025 event, the research team 'Team DDOS' successfully demonstrated a chain of vulnerabilities in QNAP SD-WAN routers. These vulnerabilities, tracked as CVE-2025-62843, CVE-2025-62844, CVE-2025-62845, and CVE-2025-62846, allowed the researchers to bypass security controls and gain root access to the devices. QNAP has since issued firmware updates to remediate these security gaps.

◆

2.4

Strategic Impact

Why It Matters

SD-WAN devices are critical components of modern enterprise network architecture, often serving as the gateway between internal networks and the internet. Successful exploitation of these devices provides attackers with a strategic foothold for lateral movement, data theft, and network disruption. Because these vulnerabilities were publicly demonstrated at a major security event, the window for threat actors to develop and deploy exploit code is significantly narrowed.

◆

2.5

Conditional Advisory

Citizen Safety Summary

Live Citizen Advisory · Global

Zero-Day Safety Alert

Est. Reports Filed

Score 85

Active Since

Mar 24, 2026

Sectors Targeted

Technology, Telecommunications

If you use QNAP routers at home or in your small business, please check for and install the latest firmware updates immediately to protect your network from potential unauthorized access.

2.6

Operational Directives

QPulse Advisory Block

Immediate Action

Time-sensitive · Act now

Identify all QNAP SD-WAN routers within the network and apply the latest firmware updates provided by the vendor.

Monitoring Recommendation

Detection & visibility

Monitor network logs for unusual administrative login attempts or unexpected traffic patterns originating from SD-WAN appliances.

Preventive Control

Reduce attack surface

Ensure that management interfaces for network hardware are not exposed to the public internet and utilize VPNs or restricted access lists for administrative access.

Governance Consideration

Policy & compliance

Implement a formal patch management policy for all network infrastructure devices to ensure critical security updates are applied within 48 hours of release.

QPulseIntelligence

Advisory purposes only · QPulse Security Intelligence Platform · 2026 · Brief #00414

2.2

Always First

Executive Risk Brief

HIGH RISK

Incident Type

Zero-Day

Risk Level

High

Affected Sectors

Technology, Telecommunications, Enterprise Infrastructure

Geographic Impact

Global

Severity Index

85 / 100

ALERT

Immediate Enterprise Concern

The primary risk is the exploitation of unpatched SD-WAN routers by threat actors to gain root access and establish persistent control over enterprise network infrastructure.

2.3

Incident Overview

What Happened

◆

2.4

Strategic Impact

Why It Matters

◆

2.5

Conditional Advisory

Citizen Safety Summary

Live Citizen Advisory · Global

Zero-Day Safety Alert

Est. Reports Filed

Score 85

Active Since

Mar 24, 2026

Sectors Targeted

Technology, Telecommunications

If you use QNAP routers at home or in your small business, please check for and install the latest firmware updates immediately to protect your network from potential unauthorized access.

2.6

Operational Directives

QPulse Advisory Block

Immediate Action

Time-sensitive · Act now

Identify all QNAP SD-WAN routers within the network and apply the latest firmware updates provided by the vendor.

Monitoring Recommendation

Detection & visibility

Monitor network logs for unusual administrative login attempts or unexpected traffic patterns originating from SD-WAN appliances.

Preventive Control

Reduce attack surface

Ensure that management interfaces for network hardware are not exposed to the public internet and utilize VPNs or restricted access lists for administrative access.

Governance Consideration

Policy & compliance

Implement a formal patch management policy for all network infrastructure devices to ensure critical security updates are applied within 48 hours of release.

QPulseIntelligence

Advisory purposes only · QPulse Security Intelligence Platform · 2026 · Brief #00414