WD Cloud Zero Day vulnerabilities

http://www.securityweek.com/multiple-zero-days-disclosed-western-digital-nas-storage-devices
Have WD fixed the multiple Zero Day vulnerabilities in your My Cloud software?
I have turned my device off and am scared to turn it back on due to fear of my data being hacked. Lost all confidence in WD - read article and please inform me why it has taken so long to patch - if indeed it is patched.

Old news. If one uses the forum search feature, magnifying glass icon upper right, they’d see the security vulnerabilities mentioned in that link have been well discussed in several past discussions. Here are just three past discussions:

https://community.wd.com/t/latest-firmware-still-vulnerable/96743/

https://community.wd.com/t/endgadet-warns-about-security-problem/198086/

https://community.wd.com/t/any-plan-for-west-digital-to-fix-this-high-risk-for-mycloud-product/198200/

Bottom line is new firmware WAS previously release to deal with some (most or all) of the various security vulnerabilities mentioned back in March. However it isn’t clear if any of the companies who publicized the vulnerabilities have gone back and retested the My Cloud units with updated firmware to see if the vulnerabilities actually were plugged/fixed.

If you are concerned just disable remote access and ensure your local network is secure. As always ensure your My Cloud unit is updated to the latest firmware.

WD have still not identified what was patched, and what was not.

How well is your home network secured? I have McAfee Total Protection. My computers and devices to me are as protected as they can be. I can scan my My Cloud if I want to, See example image below showing how I can scan my Horace share.

Which My Cloud device do you have? Who is allowed to use it?

I doubt that McAfee is running on your router, or your MyCloud.

The vulnerabilities identified were attacks on the MyCloud, without recourse to the PC; these are active attack vulnerabilities, not viral infestations.

McAfee will not be able to see the OS side of the MyCloud.

McAfee will not protect against vulnerabilities in the MyCloud.

Many thanks for the comprehensive reply - I realise it can be fustrating seeing another thread start when several already exist. Just joined forum today and hadn’t realised it was primarily user-to-user. Thereby pointless posting. I’ll try to delete thread. I have read through one extended thread where you are particularly active. Interesting comments, but still shocked at the complete lack of security and seemingly unwillingness of WD to adequately resolve matters.

I want to use WD for remote access, and thereby am seeking reassurance I can update my MyCloud and continue to use it for secure remote access. I guess that is not the case as yet.

@cat0w - thanks for sharing. Unfortunately most malware these days use polymorphic malware and signature based anti-virus software is simply unable to detect the threats these days. I’m sure McAfee is good (I have used McAfee enterprise products in the past), but the internet is a scary place in recent times where patching/sw updates are really the best you can do.

So what I am seeing here is a figment of my imagination and this is not checking my SmartWare share. Not that I am worried because everything uploaded to my My Cloud is from my devices and they all have McAfee.

@CameronMac

Just want to share a link for those that need it and I am sure they can find more by doing a google search.

http://searchsecurity.techtarget.com/definition/polymorphic-malware

I have had my My Cloud for almost three years now and I do use remote access virtually ever day. As of this date I have not had any problems. It is kept up to date as well as my Windows 10 on my computers.

1 Like

No, it’s not a figment of your imagination.

But that’s a screenshot of the McAfee software running on your PC, isn’t it? Not running on your router. Not running on your MyCloud. Not accessing the root file system of your MyCloud. Which is what I said earlier.

By ‘running’, I mean executing a program. I don’t mean simply accessing a file system.

Yes, it’s accessing your Smartware share. But that isn’t on the root partition of your MyCloud; it’s in user file space.

You seem to have missed the point of the long list of vulnerabilities; they attack vulnerabilities in the debian linux packages running on the MyCloud. They do not infest your PC. The MyCloud is the attack vector.