Skip to main content

Western Digital My Cloud Multiple Vulnerabilities

Release Date: 24 Jan 2022 5006 Views

RISK: High Risk

TYPE: Operating Systems - Cloud & Cluster

TYPE: Cloud & Cluster

Multiple vulnerabilities were identified in Western Digital My Cloud. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, security restriction bypass, spoofing, elevation of privilege and remote code execution on the targeted system.


Impact

  • Denial of Service
  • Remote Code Execution
  • Spoofing
  • Elevation of Privilege
  • Security Restriction Bypass

System / Technologies affected

  • Western Digital My Cloud PR2100 version prior to 5.19.117
  • Western Digital My Cloud PR4100 version prior to 5.19.117
  • Western Digital My Cloud EX4100 version prior to 5.19.117
  • Western Digital My Cloud EX2 Ultra version prior to 5.19.117
  • Western Digital My Cloud Mirror Gen 2 version prior to 5.19.117
  • Western Digital My Cloud DL2100 version prior to 5.19.117
  • Western Digital My Cloud EX2100 version prior to 5.19.117
  • Western Digital My Cloud version prior to 5.19.117
  • Western Digital Cloud version prior to 5.19.117
  • Western Digital My Cloud EX2 version prior to 2.12.144
  • Western Digital My Cloud EX4 version prior to 2.12.144
  • Western Digital My Cloud Mirror version prior to 2.12.144

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117

https://www.westerndigital.com/support/product-security/wdc-22001-my-cloud-os3-firmware-2-12-144


Vulnerability Identifier


Source


Related Link

https://www.westerndigital.com/support/product-security