Overview
Western Digital has released updates to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.
Affected Products
WD Discovery version: ~ 5.0.589 (excluded) (Windows, Mac)
Resolved Vulnerabilities
Vulnerability in WD Discovery Node.js environment settings contains malformed configuration, allowing code execution via environment variables (CVE-2024-22169)
Vulnerability Patches
The following Vulnerability Patches have been made available in the latest update. For more information on Vulnerability Patches, please refer to the “Google Chrome” Referenced Sites document.
WD Discovery version: 5.0.589 (Windows, Mac)
Referenced Sites
[1] CVE-2024-22169 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-22169
[2] WD Discovery Desktop App Version 5.0.589
Article Link: Western Digital Product Security Update Advisory (CVE-2024-22169) – ASEC