First published: Thu Jan 13 2022(Updated: )
File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. It would be more difficult for an authenticated attacker to now traverse through the files and directories. This can only be exploited once an attacker has already found a way to get authenticated access to the device.
Credit: psirt@wdc.com psirt@wdc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Westerndigital Edgerover | <1.5.0-576 | |
Westerndigital Edgerover | <1.5.0-576 |
Update your EdgeRover Application to version 1.5.0-576 on Windows and Mac systems.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-22988 is a vulnerability that allows unintended users to modify or access resources in the Western Digital Edgerover desktop app version 1.5.0-576.
CVE-2022-22988 has a severity rating of 9.1 (Critical).
CVE-2022-22988 can only be exploited if an attacker has already found a way to gain access to the app.
Western Digital Edgerover desktop app versions up to and excluding 1.5.0-576 are affected by CVE-2022-22988.
To fix CVE-2022-22988, update to a version of the Western Digital Edgerover desktop app that is newer than 1.5.0-576.