• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Saturday, July 11, 2026
  • Login
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home News

Western Digital content app vulnerable to unauthorized media access

by Srestha Roy
March 21, 2022 - Updated On March 22, 2022
in News
Reading Time: 2 mins read
0
Western Digital content app vulnerable to unauthorized media access
TwitterWhatsappLinkedin

Western Digital’s EdgeRover desktop app for Windows and Mac is vulnerable to local privilege escalation and sandboxing escape bugs, which could allow sensitive information to be disclosed or denial of service (DoS) attacks to occur.

You might also like

Weekly Tech Updates: Everything from the AI Race to Truecaller’s TRAI Dispute

Weekly Business News: Everything from Adani’s Low Carbon Bet to NMDC’s Iron Ore Price Cut

Indian Startups Raise $219.2 Mn in a Week as Late-Stage Investments Drive Funding Momentum

EdgeRover is a centralized content management solution for Western Digital and SanDisk products that brings together multiple digital storage devices into a single management interface.

It is a proprietary software solution that aims to improve usability and comfort by providing powerful content searching, filtering, categorization options, privacy settings, collection creation, duplicate detection, and other features.

Given that Western Digital is one of the world’s most successful manufacturers and retailers of digital storage products, a sizable number of people are probably using EdgeRover for data management.

CVE-2022-22998 is a directory traversal flaw that allows unauthorised access to restricted directories and files. The vulnerability has been assigned a CVSS v3 severity rating of 9.1, indicating that it is critical.

Western Digital’s brief advisory doesn’t go into much detail about the vulnerability, so it’s unclear whether it’s a DLL hijacking bug that allows local privilege elevation or a bug that allows access to unprivileged data locations. Western Digital, on the other hand, advises customers to update their EdgeRover desktop applications to version 1.5.1-594 or later, which was released last week.

CVE-2022-22998 is a directory traversal flaw that allows unauthorised access to restricted directories and files. The vulnerability has been assigned a CVSS v3 severity rating of 9.1, indicating that it is critical.

Western Digital’s brief advisory doesn’t go into much detail about the vulnerability, so it’s unclear whether it’s a DLL hijacking bug that allows local privilege elevation or a bug that allows access to unprivileged data locations.

To address these vulnerabilities, Western Digital advises customers to update their EdgeRover desktop applications to version 1.5.1-594 or later, which was released last week. Threat researcher Xavier Danest discovered the flaw and responsibly reported it to the vendor.

It is unclear whether the vulnerability has been actively exploited; Bleeping Computer has contacted the hardware behemoth for more information.

It should be noted that for a threat actor to exploit this vulnerability and steal your data, your system has most likely already been compromised in some way.

Tags: edgeroverWestern Digital
Tweet54SendShare15
Previous Post

The 37 New Emoji iOS 15.4 Brings to Your iPhone

Next Post

Ford F-150 Lightning gets higher EPA range with extended battery pack

Srestha Roy

Recommended For You

Weekly Tech Updates: Everything from the AI Race to Truecaller’s TRAI Dispute

by Ishaan Negi
July 10, 2026
0
Weekly Tech Updates: Everything from Cloudfare Outage to X’s ‘Chat’ Debut

The tech world had another action-packed week, with AI giants, smartphone makers, and regulators all making major moves. OpenAI vs Anthropic: The AI Race Gets Even Tighter The...

Read more

Weekly Business News: Everything from Adani’s Low Carbon Bet to NMDC’s Iron Ore Price Cut

by Ishaan Negi
July 10, 2026
0
Weekly Business News: Top business updates in this week

Catch up on the week's most important business headlines, featuring key developments in industry, policy, technology, and global trade. Adani Enterprises Enters Chemicals with Low-Carbon Manufacturing Push Adani...

Read more

Indian Startups Raise $219.2 Mn in a Week as Late-Stage Investments Drive Funding Momentum

by Ishaan Negi
July 10, 2026
0
Weekly Startup Funding News: Indian startups raised $196 Mn this week; from Emiza to Leap

India's startup funding ecosystem showed renewed strength during the week ended July 9, with startups collectively raising $219.2 million across 18 funding rounds. The total marks a 28.3%...

Read more
Next Post
Ford F-150 Lightning's range beats Rivian electric pickups, lags GMC

Ford F-150 Lightning gets higher EPA range with extended battery pack

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at info@techstory.in

Advertise With Us

Reach out at - info@techstory.in

Aviator Game India 2026

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple Artificial Intelligence bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News OpenAI samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2025 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2025 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?