Security News > 2021 > June > Pull your Western Digital My Book Live NAS off the internet now if you value your files

Pull your Western Digital My Book Live NAS off the internet now if you value your files
2021-06-25 15:30

Western Digital has alerted customers to a critical bug on its My Book Live storage drives, warning them to disconnect the devices from the internet to protect the units from being remotely wiped.

In an advisory, the storage firm said My Book Live and My Book Live Duo devices were being "Compromised through exploitation of a remote command execution vulnerability" CVE-2018-18472.

Device logs published on the Western Digital forums show the devices were remotely factory reset, although the culprits have not been found.

The Western Digital My Book Live connects to a host computer via USB, with internet access coming via an Ethernet port on the back.

While details about the "How" and "Why" of this particular incident are thin on the ground, Western Digital noted its My Book Live NAS devices last received a firmware update in 2015.

While Western Digital hasn't disclosed the scale of the problem, a quick search on Shodan shows over 200 My Book Live devices publicly accessible from the internet.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/06/25/western_digital_nas_wiped/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-06-19 CVE-2018-18472 OS Command Injection vulnerability in Westerndigital MY Book Live Firmware
Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter.
network
low complexity
westerndigital CWE-78
critical
 10.0
10

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Digital 3 1 3 10 1 15