Very few things in modern computing might scare people more than thought of losing data for years in the blink of an eye. Unfortunately, the nightmare came true when thousands of Western Digital owners stopped my book’s storage directly last week. Files, photos, videos, videos, videos, and everything included remotely because some evil actors might compete with each other. What makes the situation worse is that Western Digital itself might have a hand that really allows one of the two vulnerabilities that allow the removal of this remote mass.
Western Digital immediately rejected speculation that the server was compromised, leading to remote formatting from many of my living devices in the world last week. Instead, the company refers to evil actors who exploit vulnerabilities in the operating system as the cause. After several investigations, it refers to the lack of 2018 security that gives an attacker the ability to execute commands remotely with privileges to certain devices.
Because CVE-2018-18472 was reported to be back in 2018, Western Digital did not need to be questioned to patch it for products that were no longer supported since 2015. Apparently, however, that other vulnerabilities may also have been used to rearrange long distances. device to their factory country. Unlike the first exploitation, this vulnerability is believed to have existed since my book Live Day was launched in 2011 and has even become a western digital error.
According to the Ars Technica report, my book directly requires a user password when trying to recover the remote factory. However, for some unknown reason, the code sent with a NAS device has this examination is disabled. In other words, it will be relatively trivial for knowledgeable hackers to do that removal, thanks to some of the mysterious code changes in the WD section.
The mysterious part of these two vulnerabilities is that the last Zero-day exploitation is not necessary because the 2018 vulnerability has provided root access attackers to do tissues. The current theory is that the exploitation of CVE-2018-18472 is used by one hacker to change the device that is compromised into a botnet while the second vulnerability, long used by rival hackers to take over the network or sabotage. Either way, the end result is the same, leaving hundreds if not thousands of users who experience the lack of their lost data.