Vulnerabilities > Westerndigital > High

DATE CVE VULNERABILITY TITLE RISK
2020-03-10 CVE-2019-10705 Insufficiently Protected Credentials vulnerability in Westerndigital products
Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials.
network
low complexity
westerndigital CWE-522
7.5
2020-02-19 CVE-2020-8959 Uncontrolled Search Path Element vulnerability in Westerndigital products
Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 allows DLL Hijacking.
local
low complexity
westerndigital CWE-427
7.8
2019-09-30 CVE-2019-13466 Use of Hard-coded Credentials vulnerability in multiple products
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control.
network
low complexity
sandisk westerndigital CWE-798
7.5
2019-05-23 CVE-2019-9949 Link Following vulnerability in Westerndigital products
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability.
network
low complexity
westerndigital CWE-59
8.8