May 28, 2023

Western Digital has patched a critical vulnerability, tracked as CVE-2021-44142, that could have allowed attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices.

This vulnerability related to a Samba out-of-bounds heap read/write that impacts the  vfs_fruit VFS module when parsing EA metadata when opening files in smbd, part of the samba suite and provides enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.

The CVE-2021-44142 flaw affects the following devices:

  • My Cloud PR2100
  • My Cloud PR4100
  • My Cloud EX4100
  • My Cloud EX2 Ultra
  • My Cloud Mirror Gen 2
  • My Cloud DL2100
  • My Cloud DL4100
  • My Cloud EX2100
  • My Cloud
  • WD Cloud
Advertisements

This specific flaw exists within the parsing of extended attributes metadata when opening a file in smbd. This vulnerability can be exploited by unauthenticated users if they are allowed write access to file extended attributes.

Western Digital fixed the issue by removing the fruit VFS module from the list of configured VFS objects and changing EA support configurations.

The flaw was fixed with the release of My Cloud OS 5 Firmware 5.21.104.

Tags:

Leave a Reply

You may have missed

Zyxel Patches Critical Buffer Overflow Vulnerability

Zyxel Patches Critical Buffer Overflow Vulnerability

May 27, 2023
Apria Data Breach affects 2 million customers

Apria Data Breach affects 2 million customers

May 27, 2023
CosmicEnergy Malware Shutting Electric grid

CosmicEnergy Malware Shutting Electric grid

May 27, 2023
Operation Magalenha from Brazil

Operation Magalenha from Brazil

May 27, 2023
Buhti Ransomware Dissection

Buhti Ransomware Dissection

May 26, 2023
Volt Typhoon – Chinese Threat Actor Targetting US Infra

Volt Typhoon – Chinese Threat Actor Targetting US Infra

May 25, 2023
%d bloggers like this: