Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-36329

An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191.

Published

2023-05-10T20:15:09.530

Last Modified

2024-11-21T07:12:48.417

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-400
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	westerndigital	my_cloud_home_firmware	< 9.4.0-191	Yes
Hardware	westerndigital	my_cloud_home	-	No
Operating System	westerndigital	my_cloud_home_duo_firmware	< 9.4.0-191	Yes
Hardware	westerndigital	my_cloud_home_duo	-	No
Operating System	westerndigital	sandisk_ibi_firmware	< 9.4.0-191	Yes
Hardware	westerndigital	sandisk_ibi	-	No

References

https://www.westerndigital.com/support/product-security/wdc-23003-western-digital-my-cloud-home-my-cloud-home-duo-and-sandisk-ibi-firmware-version-9-4-0-191 Vendor Advisory ([email protected])
https://www.westerndigital.com/support/product-security/wdc-23003-western-digital-my-cloud-home-my-cloud-home-duo-and-sandisk-ibi-firmware-version-9-4-0-191 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)