Empowering you to understand your world

WD NAS Vulnerability Allows Remote Install Of Firmware

There is another security vulnerability affecting Western Digital Network Access Storage (NAS) systems, and it allows the remote installation of firmware on the NAS devices. This means that malicious hackers could use a low-privileged user with a blank password to execute harmful code that could brick your device, among other things. This is called a remote code execution (RCE) vulnerability and it affects My Cloud OS 3 devices.

Western Digital is no longer providing updates to My Cloud OS 3 and advises users to upgrade to My Cloud OS 5, which is believed to compromise the devices’ functionality — thus deterring users from upgrading.

Western Digital said: ‘My Cloud OS 5 is a major and fundamental security release that provides an architectural revamp of our older My Cloud firmware and adds new defenses to thwart common classes of attacks. We recommend that all users upgrade to My Cloud OS 5 as soon as possible to benefit from the latest security fixes. My Cloud OS3 will not receive these security fixes.’

Share this article
Shareable URL
Prev Post

9 Play Store Apps Stole Users’ Facebook Passwords

Next Post

Apple Blocks Apps From Circumventing Customers’ Anti-Tracking Settings

Leave a Reply

Read next
Subscribe to our newsletter
Get notified when new content is published