December 1, 2023

Western Digital has patched a critical vulnerability, tracked as CVE-2021-44142, that could have allowed attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices.

This vulnerability related to a Samba out-of-bounds heap read/write that impacts the  vfs_fruit VFS module when parsing EA metadata when opening files in smbd, part of the samba suite and provides enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.

The CVE-2021-44142 flaw affects the following devices:

  • My Cloud PR2100
  • My Cloud PR4100
  • My Cloud EX4100
  • My Cloud EX2 Ultra
  • My Cloud Mirror Gen 2
  • My Cloud DL2100
  • My Cloud DL4100
  • My Cloud EX2100
  • My Cloud
  • WD Cloud
Advertisements

This specific flaw exists within the parsing of extended attributes metadata when opening a file in smbd. This vulnerability can be exploited by unauthenticated users if they are allowed write access to file extended attributes.

Western Digital fixed the issue by removing the fruit VFS module from the list of configured VFS objects and changing EA support configurations.

The flaw was fixed with the release of My Cloud OS 5 Firmware 5.21.104.

Tags:

Leave a Reply

You may have missed

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023

BlueVoyant Acquires Conquest Cyber

November 30, 2023

Google Fixes Sixth Chrome ZeroDay of 2023

November 29, 2023

Ardent Health Services affected by a cyber incident

November 29, 2023

GE and DARPA – Claimed Hack raises concerns

November 28, 2023

POC released for Splunk Enterprise Vulnerability- CVE-2023-46214

November 28, 2023
%d bloggers like this: