Western Digital App Bug Gives Elevated Privileges in Windows, MacOS
Western Digital’s EdgeRover desktop app for both Windows and Mac is vulnerable to local privilege escalation and sandbox escape bugs that could allow the disclosure of sensitive information or denial of service (DoS) attacks.
EdgeRover is a centralized content management solution for Western Digital and SanDisk products, unifying multiple digital storage devices under a single management interface.
It’s a proprietary software solution aiming to increase usability and comfort, offering powerful content searching, filtering, categorization options, privacy settings, collection creation, duplicate detection, and more.
Considering that Western Digital is one of the world’s most successful manufacturers and retailers of digital storage products, there are likely a significant number of people using EdgeRover for data management.
A data-exposing problem
The vulnerability, tracked as CVE-2022-22998, is a directory traversal bug, allowing unauthorized access to restricted directories and files. The vulnerability has been given a CVSS v3 severity rating of 9.1, categorizing the flaw as critical.
Western Digital’s brief advisory does not provide much detail regarding the vulnerability, so it is not clear if it is a DLL hijacking bug allowing local privilege elevation or a bug allowing access to unprivileged data locations.
However, Western Digital is advising its customers to update their EdgeRover desktop applications to version 1.5.1-594 or later, released last week to resolve these vulnerabilities.
The flaw was discovered by threat researcher Xavier Danest, who responsibly disclosed it to the vendor.
Western Digital addressed the security problem by correcting the file and directory permissions to prevent unauthorized access and modification.
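The vendor's fix described above comes down to tightening file and directory permissions under the application tree. As an added example that is not part of the article or of Western Digital's software, the audit below walks a directory on a POSIX system (macOS or similar; Windows ACLs are not covered) and reports every entry that users other than the owner can write, which is the defect class such a fix removes. The sample tree it builds is constructed for the demonstration; EdgeRover's real install paths are not given in the article.

```python
import os
import stat
import tempfile
from pathlib import Path


def audit_permissions(root):
    """Return [(path, reasons)] for entries under root that non-owners can write.

    Group- or world-writable files and directories inside an application's
    tree let any local user replace or alter content the app later trusts,
    which is the class of defect a permissions fix removes.
    """
    findings = []
    root = Path(root)
    for path in [root, *sorted(root.rglob("*"))]:
        try:
            st = path.lstat()
        except OSError:
            continue  # vanished or unreadable entry; skip rather than abort the audit
        if stat.S_ISLNK(st.st_mode):
            continue  # a symlink's own mode bits are irrelevant to this check
        mode = stat.S_IMODE(st.st_mode)
        reasons = []
        if mode & stat.S_IWOTH:
            reasons.append("world-writable")
        if mode & stat.S_IWGRP:
            reasons.append("group-writable")
        if reasons:
            findings.append((str(path), tuple(reasons)))
    return findings


def make_demo_tree():
    """Build a constructed stand-in for an app directory: one safe entry, two weak ones."""
    base = Path(tempfile.mkdtemp(prefix="perm-audit-demo-"))  # created mode 0700
    (base / "app.bin").write_bytes(b"demo")
    os.chmod(base / "app.bin", 0o644)        # owner-writable only: no finding
    (base / "config.json").write_bytes(b"{}")
    os.chmod(base / "config.json", 0o666)    # any local user can edit it: finding
    (base / "plugins").mkdir()
    os.chmod(base / "plugins", 0o775)        # group members can drop files in: finding
    return base


if __name__ == "__main__":
    for path, reasons in audit_permissions(make_demo_tree()):
        print(f"{path}: {', '.join(reasons)}")
```

Point `audit_permissions` at the application's own install and data directories after updating, and treat any finding there as a permission the update should have closed.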
It is unclear if the vulnerability has been actively exploited. Bleeping Computer has contacted the hardware giant to request more details.
It should be noted that for a threat actor to utilize this vulnerability to steal your data, it is likely your system has already been compromised in some manner.
Media collection management apps may appear enticing, especially to users who need to organize several terabytes of data from various sources. Still, one shouldn’t forget that each app comes with its own set of security and privacy risks.
In this case, it’s convenience vs. security, as CVE-2022-22998 could potentially lead to the exposure of the users’ entire private media and data collection.
If you’re worried about this scenario, we suggest that you stick with the default file manager that comes with your OS and keep the number of third-party apps on your system at a minimum.