CVE-2022-36329

An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191.

Published: May 10, 2023
Updated: May 19, 2023
CVE: CVE-2022-36329
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
westerndigital / my_cloud_home_firmware	-	9.4.0-191
westerndigital / my_cloud_home_duo_firmware	-	9.4.0-191
westerndigital / sandisk_ibi_firmware	-	9.4.0-191

https://www.westerndigital.com/support/product-security/wdc-23003-western-digital-my-cloud-home-my-cloud-home-duo-and-sandisk-ibi-firmware-version-9-4-0-191

Vulnerability Database

289,784

CVE-2022-36329