CVE-2025-53597
BaseFortify
Publication date: 2026-01-02
Last updated on: 2026-01-05
Assigner: QNAP Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qnap | license_center | From 2.0.17 (inc) to 2.0.36 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in License Center. If a remote attacker obtains an administrator account, they can exploit this flaw to modify memory or cause processes to crash.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker with administrator access to alter memory contents or crash processes, potentially leading to system instability or unauthorized actions within License Center.
What immediate steps should I take to mitigate this vulnerability?
Upgrade License Center to version 2.0.36 or later to fix the vulnerability. Additionally, restrict administrator account access to trusted users only to prevent remote attackers from exploiting this vulnerability.