CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
73.7%
A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code executionΒ in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their privileges in order to exploit this buffer overflow vulnerability.
This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191.
Vendor | Product | Version | CPE |
---|---|---|---|
westerndigital | my_cloud_home_duo | - | cpe:2.3:h:westerndigital:my_cloud_home_duo:-:*:*:*:*:*:*:* |
westerndigital | my_cloud_home_duo_firmware | * | cpe:2.3:o:westerndigital:my_cloud_home_duo_firmware:*:*:*:*:*:*:*:* |
westerndigital | sandisk_ibi | - | cpe:2.3:h:westerndigital:sandisk_ibi:-:*:*:*:*:*:*:* |
westerndigital | sandisk_ibi_firmware | * | cpe:2.3:o:westerndigital:sandisk_ibi_firmware:*:*:*:*:*:*:*:* |
westerndigital | my_cloud_home_firmware | * | cpe:2.3:o:westerndigital:my_cloud_home_firmware:*:*:*:*:*:*:*:* |
westerndigital | my_cloud_home | - | cpe:2.3:h:westerndigital:my_cloud_home:-:*:*:*:*:*:*:* |
[
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud Home and My Cloud Home Duo",
"vendor": "Western Digital",
"versions": [
{
"lessThan": " 9.4.0-191",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "ibi",
"vendor": "SanDisk",
"versions": [
{
"lessThan": " 9.4.0-191",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
73.7%