Vulnerabilities (CVE)

Filtered by vendor Westerndigital Subscribe

Filtered by product Wd Discovery

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-12427	3 Apple, Microsoft, Westerndigital	3 Macos, Windows, Wd Discovery	2021-09-08	6.8 MEDIUM	8.8 HIGH
The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.
CVE-2020-15816	1 Westerndigital	1 Wd Discovery	2021-07-21	6.5 MEDIUM	8.8 HIGH
In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.