Security News > 2021 > June > Pull your Western Digital My Book Live NAS off the internet now if you value your files
Western Digital has alerted customers to a critical bug on its My Book Live storage drives, warning them to disconnect the devices from the internet to protect the units from being remotely wiped.
In an advisory, the storage firm said My Book Live and My Book Live Duo devices were being "Compromised through exploitation of a remote command execution vulnerability" CVE-2018-18472.
Device logs published on the Western Digital forums show the devices were remotely factory reset, although the culprits have not been found.
The Western Digital My Book Live connects to a host computer via USB, with internet access coming via an Ethernet port on the back.
While details about the "How" and "Why" of this particular incident are thin on the ground, Western Digital noted its My Book Live NAS devices last received a firmware update in 2015.
While Western Digital hasn't disclosed the scale of the problem, a quick search on Shodan shows over 200 My Book Live devices publicly accessible from the internet.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/06/25/western_digital_nas_wiped/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-19 | CVE-2018-18472 | OS Command Injection vulnerability in Westerndigital MY Book Live Firmware Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. | 9.8 |