Western Digital’s EdgeRover desktop app for Windows and Mac is vulnerable to local privilege escalation and sandboxing escape bugs, which could allow sensitive information to be disclosed or denial of service (DoS) attacks to occur.
EdgeRover is a centralized content management solution for Western Digital and SanDisk products that brings together multiple digital storage devices into a single management interface.
It is a proprietary software solution that aims to improve usability and comfort by providing powerful content searching, filtering, categorization options, privacy settings, collection creation, duplicate detection, and other features.
Given that Western Digital is one of the world’s most successful manufacturers and retailers of digital storage products, a sizable number of people are probably using EdgeRover for data management.
CVE-2022-22998 is a directory traversal flaw that allows unauthorised access to restricted directories and files. The vulnerability has been assigned a CVSS v3 severity rating of 9.1, indicating that it is critical.
Western Digital’s brief advisory doesn’t go into much detail about the vulnerability, so it’s unclear whether it’s a DLL hijacking bug that allows local privilege elevation or a bug that allows access to unprivileged data locations. Western Digital, on the other hand, advises customers to update their EdgeRover desktop applications to version 1.5.1-594 or later, which was released last week.
CVE-2022-22998 is a directory traversal flaw that allows unauthorised access to restricted directories and files. The vulnerability has been assigned a CVSS v3 severity rating of 9.1, indicating that it is critical.
Western Digital’s brief advisory doesn’t go into much detail about the vulnerability, so it’s unclear whether it’s a DLL hijacking bug that allows local privilege elevation or a bug that allows access to unprivileged data locations.
To address these vulnerabilities, Western Digital advises customers to update their EdgeRover desktop applications to version 1.5.1-594 or later, which was released last week. Threat researcher Xavier Danest discovered the flaw and responsibly reported it to the vendor.
It is unclear whether the vulnerability has been actively exploited; Bleeping Computer has contacted the hardware behemoth for more information.
It should be noted that for a threat actor to exploit this vulnerability and steal your data, your system has most likely already been compromised in some way.
