Western Digital My Cloud Flaw Let Attackers Execute Arbitrary Code


A critical vulnerability in Western Digital’s My Cloud devices has been identified. An unchecked buffer in the Dynamic DNS client allows attackers to execute arbitrary code.

This vulnerability, designated as CVE-2024-22170, carries a CVSS score of 9.2, indicating a high-severity threat.

EHA

The flaw resides in the Dynamic DNS client and can be exploited through a Man-in-the-Middle (MitM) attack.

By intercepting a Dynamic DNS update request and responding with a malicious payload, attackers can cause a buffer overflow, leading to the execution of arbitrary code on affected devices.

The vulnerability affects a range of My Cloud devices, including the My Cloud EX2 Ultra, My Cloud EX4100, My Cloud PR2100, My Cloud PR4100, My Cloud, My Cloud Mirror G2, My Cloud EX2100, My Cloud DL2100, My Cloud DL4100, and WD Cloud.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try It for Free

Users are strongly urged to update their devices to My Cloud OS 5 Firmware version 5.29.102 to protect against potential exploitation.

Western Digital has addressed the vulnerability in the latest firmware update, which includes improvements to enhance the security of My Cloud OS 5 devices.

The company has thanked Claroty Research—Team82—Noam Moshe, working with Trend Micro Zero Day Initiative, for responsibly disclosing this vulnerability.

The potential impacts of this vulnerability are severe, including unauthorized access to sensitive information, modification or corruption of data, and system crashes or unavailability.

Given the critical nature of this vulnerability, users are advised to update their devices immediately and consider additional security measures such as network segmentation and regular system log monitoring.

Affected Devices and Recommended Actions:

  • My Cloud EX2 Ultra: Update to firmware version 5.29.102
  • My Cloud EX4100: Update to firmware version 5.29.102
  • My Cloud PR2100: Update to firmware version 5.29.102
  • My Cloud PR4100: Update to firmware version 5.29.102
  • My Cloud: Update to firmware version 5.29.102
  • My Cloud Mirror G2: Update to firmware version 5.29.102
  • My Cloud EX2100: Update to firmware version 5.29.102
  • My Cloud DL2100: Update to firmware version 5.29.102
  • My Cloud DL4100: Update to firmware version 5.29.102
  • WD Cloud: Update to firmware version 5.29.102

Users are encouraged to take immediate action to protect their devices and data from potential exploitation.

Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Free Webinar



Source link