Vulnerability Description
An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Westerndigital | My Cloud Home Firmware | < 9.4.0-191 |
| Westerndigital | My Cloud Home | - |
| Westerndigital | My Cloud Home Duo Firmware | < 9.4.0-191 |
| Westerndigital | My Cloud Home Duo | - |
| Westerndigital | Sandisk Ibi Firmware | < 9.4.0-191 |
| Westerndigital | Sandisk Ibi | - |
Related Weaknesses (CWE)
References
- https://www.westerndigital.com/support/product-security/wdc-23003-western-digitaVendor Advisory
- https://www.westerndigital.com/support/product-security/wdc-23003-western-digitaVendor Advisory
FAQ
What is CVE-2022-36329?
CVE-2022-36329 is a vulnerability with a CVSS score of 4.4 (MEDIUM). An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk i...
How severe is CVE-2022-36329?
CVE-2022-36329 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-36329?
Check the references section above for vendor advisories and patch information. Affected products include: Westerndigital My Cloud Home Firmware, Westerndigital My Cloud Home, Westerndigital My Cloud Home Duo Firmware, Westerndigital My Cloud Home Duo, Westerndigital Sandisk Ibi Firmware.