2018 has not started well in terms of security, at least if you consider the disclosure of gaps as negative.Because Meltdown and Specter affect almost all users.Now, the still young year has its second massive security incident to offer, as products from memory manufacturer Western Digital have discovered a “built-in” backdoor.

Western Digital

The My Cloud products of Western Digital (WD) are also popular, but who has such a network storage in use, should disable it for now.Because the My Cloud solutions have a serious vulnerability that can not be easily patched.This is not the only parallel to Meltdown and Specter, as Western Digital has known for many months that it exists.
Also Read: Nintendo Switch Kernel Exploit Shown At 34C3

Security researcher James Bercegay informed Western Digital about this gap in mid-2017. After half a year, the time has elapsed, which Western Digital (on its own request) has received, on GulfTech all the details and a proof-of-concept exploit have been published (via TechSpot ). However, WD has not been able to deliver a fix so far. And it is questionable whether WD can do something about it because the back door is “hard-coded” and can not be deactivated by software. This means that a given combination of username and password grants access to any of the affected My Cloud storage without exception. The access is also comprehensive because the admin gets shell access and can thus also execute all imaginable commands.Incidentally, the models of the MyCloud 04.X series and MyCloud devices with firmware 2.30.174 are not affected.

The Affected WD Products:

  • MyCloud
  • MyCloudMirror
  • My Cloud Gen 2
  • My Cloud PR2100
  • My Cloud PR4100
  • My Cloud EX2 Ultra
  • My Cloud EX2
  • My Cloud EX4
  • My Cloud EX2100
  • My Cloud EX4100
  • My Cloud DL2100
  • My Cloud DL4100

Source

Leave a Reply