Western Digital Fixes Critical Flaw Impacting My Cloud NAS Devices

Storage data company, Western Digital has fixed a critical severity flaw impacting My Cloud OS 5 devices.

The flaw tracked as CCE-2021-44142 can be exploited by unauthenticated threat actors to gain remote code execution with root privileges.

Western Digital was able to fix the flaw by removing the “fruit” VFS module from the list of configured VFS objects. The company also changed the EA support configuration in My Cloud OS 5 Firmware 5.21.104.

Vulnerable devices exposed to CVE-2021-44142 attacks include My Cloud PR2100, My Cloud PR 4100, My Cloud EX4100, My Cloud EX2 Ultra, My Cloud Mirror Gen 2, My Cloud DL2100, My Cloud DL4100, My Cloud EX2100, My Cloud, and WD Cloud.

The hard disk drive manufacturer advised customers to update their devices to the latest firmware. To do this, they are advised to click the update alert as soon as possible.

Western Digital also fixed a critical vulnerability in the open-source Netatalk Apple File Protocol fileserver. The fileserver is used to access network shares and carry out Time Machine backups.

For more information, read the original story in BleepingComputer.

Western Digital Fixes Critical Flaw Impacting My Cloud NAS Devices

Top Stories

Researchers warn AI coding agents can be manipulated through hidden skill files

Amazon shuts down internal AI leaderboard after employees found ways to game the system

Google CEO pushes back on ‘Google Zero’ fears

Tesla insiders say they wouldn’t trust Full Self-Driving

Meta cuts jobs as it doubles down on AI

CISA exposed internal passwords and cloud keys in public repository

Related Articles

New ‘HTTP/2 Bomb’ attack can crash major web servers from a single computer

Microsoft says new AI data centers use as little water as a single restaurant

Switzerland digs deep for giant battery project

Amazon shuts down internal AI leaderboard after employees found ways to game the system

TND Newsdesk

TND Newsdesk

Jim Love