Jump to content
  • Western Digital fixes critical bug giving root on My Cloud NAS devices


    Karlston

    • 762 views
    • 2 minutes
     Share


    • 762 views
    • 2 minutes

    Western Digital has fixed a critical severity vulnerability that enabled attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices.

     

    This flaw is an out-of-bounds heap read/write (tracked as CVE-2021-44142) in the Samba vfs_fruit VFS module.

     

    It can be exploited by unauthenticated threat actors in low complexity attacks targeting My Cloud devices running vulnerable firmware versions.

     

    "This specific flaw exists within the parsing of extended attributes (EA) metadata when opening a file in smbd," the data storage company explained.

     

    "This vulnerability can be exploited by unauthenticated users if they are allowed write access to file extended attributes."

    Bug addressed by removing vulnerable Samba module

    While default configurations are exposed to attacks, threat actors need write access to a file's extended attributes (this could also be a guest or unauthenticated user if they are allowed write access to file extended attributes, according to the Samba Team.

     

    Western Digital addressed the vulnerability by removing the "fruit" VFS module from the list of configured VFS objects and changing EA support configurations in My Cloud OS 5 Firmware 5.21.104, released on March 23, 2022.

     

    The American hard disk drive manufacturer advises customers to update their devices to the latest firmware by clicking the update alert as soon as possible.

     

    The list of devices considered vulnerable to CVE-2021-44142 attacks includes:

     

    • My Cloud PR2100
    • My Cloud PR4100
    • My Cloud EX4100
    • My Cloud EX2 Ultra
    • My Cloud Mirror Gen 2
    • My Cloud DL2100
    • My Cloud DL4100
    • My Cloud EX2100
    • My Cloud
    • WD Cloud

    Netatalk critical flaw also patched this week

    This week, Western Digital fixed one more critical vulnerability in the open-source Netatalk Apple File Protocol fileserver used to access network shares and perform Time Machine backups.

     

    The bug was addressed by deprecating the Netatalk service and removing it from My Cloud OS with the 5.19.117 firmware update.

     

    After installing the firmware to the latest version, the Netatalk service will no longer be available. 

     

    However, My Cloud device users can still configure them to access network shares via SMB (info on how to do that is available on this support page).

     

     

    Western Digital fixes critical bug giving root on My Cloud NAS devices


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...