Western Digital Fixes Critical Flaw Impacting My Cloud NAS Devices

Share post:

Storage data company, Western Digital has fixed a critical severity flaw impacting My Cloud OS 5 devices.

The flaw tracked as CCE-2021-44142 can be exploited by unauthenticated threat actors to gain remote code execution with root privileges.

Western Digital was able to fix the flaw by removing the “fruit” VFS module from the list of configured VFS objects. The company also changed the EA support configuration in My Cloud OS 5 Firmware 5.21.104.

Vulnerable devices exposed to CVE-2021-44142 attacks include My Cloud PR2100, My Cloud PR 4100, My Cloud EX4100, My Cloud EX2 Ultra, My Cloud Mirror Gen 2, My Cloud DL2100, My Cloud DL4100, My Cloud EX2100, My Cloud, and WD Cloud.

The hard disk drive manufacturer advised customers to update their devices to the latest firmware. To do this, they are advised to click the update alert as soon as possible.

Western Digital also fixed a critical vulnerability in the open-source Netatalk Apple File Protocol fileserver. The fileserver is used to access network shares and carry out Time Machine backups.

For more information, read the original story in BleepingComputer.



Related articles

Nvidia to rent out Supercomputers for AI development

Jensen Huang, CEO of Nvidia Corp, has announced that the company will rent out its powerful supercomputers, which...

Adobe launches Firefly

Adobe has entered the generative AI market with the release of Firefly, a new family of AI models...

Google Unveils BARD

BARD, Google's experimental AI chatbot, has been launched to compete with OpenAI's ChatGPT and Microsoft's chatbot in their...

Microsoft introduces AI-enabled Bing image creator feature 

Microsoft has announced the release of a new AI-powered Bing feature that allows users to generate high-resolution images...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways