• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Monday, June 23, 2025
  • Login
  • Register
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home News

Western Digital content app vulnerable to unauthorized media access

by Srestha Roy
March 21, 2022 - Updated On March 22, 2022
in News
Reading Time: 2 mins read
0
Western Digital content app vulnerable to unauthorized media access
TwitterWhatsappLinkedin

Western Digital’s EdgeRover desktop app for Windows and Mac is vulnerable to local privilege escalation and sandboxing escape bugs, which could allow sensitive information to be disclosed or denial of service (DoS) attacks to occur.

You might also like

Tesla Shifts Gears: India’s First Tesla Showrooms Open in Mumbai and Delhi

Rohit Vishwakarma Joins NDTV India as Managing Editor

Apple Eyes AI Startup Perplexity in Acquisition Discussions

EdgeRover is a centralized content management solution for Western Digital and SanDisk products that brings together multiple digital storage devices into a single management interface.

It is a proprietary software solution that aims to improve usability and comfort by providing powerful content searching, filtering, categorization options, privacy settings, collection creation, duplicate detection, and other features.

Given that Western Digital is one of the world’s most successful manufacturers and retailers of digital storage products, a sizable number of people are probably using EdgeRover for data management.

CVE-2022-22998 is a directory traversal flaw that allows unauthorised access to restricted directories and files. The vulnerability has been assigned a CVSS v3 severity rating of 9.1, indicating that it is critical.

Western Digital’s brief advisory doesn’t go into much detail about the vulnerability, so it’s unclear whether it’s a DLL hijacking bug that allows local privilege elevation or a bug that allows access to unprivileged data locations. Western Digital, on the other hand, advises customers to update their EdgeRover desktop applications to version 1.5.1-594 or later, which was released last week.

CVE-2022-22998 is a directory traversal flaw that allows unauthorised access to restricted directories and files. The vulnerability has been assigned a CVSS v3 severity rating of 9.1, indicating that it is critical.

Western Digital’s brief advisory doesn’t go into much detail about the vulnerability, so it’s unclear whether it’s a DLL hijacking bug that allows local privilege elevation or a bug that allows access to unprivileged data locations.

To address these vulnerabilities, Western Digital advises customers to update their EdgeRover desktop applications to version 1.5.1-594 or later, which was released last week. Threat researcher Xavier Danest discovered the flaw and responsibly reported it to the vendor.

It is unclear whether the vulnerability has been actively exploited; Bleeping Computer has contacted the hardware behemoth for more information.

It should be noted that for a threat actor to exploit this vulnerability and steal your data, your system has most likely already been compromised in some way.

Tags: edgeroverWestern Digital
Tweet54SendShare15
Previous Post

The 37 New Emoji iOS 15.4 Brings to Your iPhone

Next Post

Ford F-150 Lightning gets higher EPA range with extended battery pack

Srestha Roy

Recommended For You

Tesla Shifts Gears: India’s First Tesla Showrooms Open in Mumbai and Delhi

by Ishaan Negi
June 23, 2025
0
Report suggests Musk cancelled India trip to secure fully self-driving car technology deal in China

After years of speculation and stalled negotiations, Tesla is finally entering the Indian market. In this article, we’ll explore how Tesla plans to make its mark in one...

Read more

Rohit Vishwakarma Joins NDTV India as Managing Editor

by Ishaan Negi
June 23, 2025
0
Rohit Vishwakarma Joins NDTV India as Managing Editor

Appointing Rohit Vishwakarma as its new Managing Editor is a calculated move by NDTV India that demonstrates its dedication to digital transformation and reliable journalism. Vishwakarma has more...

Read more

Apple Eyes AI Startup Perplexity in Acquisition Discussions

by Sneha Singh
June 23, 2025
0
Apple Eyes AI Startup Perplexity in Acquisition Discussions

Apple executives are quietly exploring the possibility of acquiring artificial intelligence startup Perplexity AI, according to sources familiar with the matter. The tech giant's interest stems from its...

Read more
Next Post
Ford F-150 Lightning's range beats Rivian electric pickups, lags GMC

Ford F-150 Lightning gets higher EPA range with extended battery pack

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at [email protected]

Advertise With Us

Reach out at - [email protected]

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook flipkart funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News NFT samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2024 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2024 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?