My Cloud OS 5: Western Digital closes critical vulnerability



< 1 minuto

We recently reported that users of Western Digital’s EdgeRover software should upgrade due to security vulnerabilities in the software. Now My Cloud network storage owners need to make sure they have a import updated firmware. My Cloud OS 5 devices were vulnerable to an out-of-bounds heap vulnerability in Samba versions prior to 4.13.17 that use the vfs_fruit VFS module. This could allow a remote attacker to run arbitrary code as root on devices. my cloud OS 5, Firmware 5.21.104 which was released on March 23, 2022, contains updates for Samba to close this critical vulnerability.

Leave a comment