WizCase Found Critical Firmware Vulnerabilities In Leading NAS Devices

  • 89
  •  
  •  
  •  
  •  
  •  
  •  
    89
    Shares

Network-attached storage devices provide a convenient and cost-effective means to store data and increase storage memory. However, despite being convenient, these devices may also cause significant losses if ever hacked. Recently, researchers found critical vulnerabilities in the firmware of some of the leading NAS devices. These vulnerabilities could allow an attacker to perform remote attacks and execute commands.

Critical Firmware Vulnerabilities Found In NAS Devices

Reportedly, researchers from WizCase assessed some of the leading NAS devices only to find critical security vulnerabilities. They allegedly assessed four different devices and discovered two critical flaws that could allow an attacker to perform remote code execution.

As mentioned in their report, the researchers Paulos Yibelo and Daniel Eshetu, analyzed the storage devices from WD My Book, SeaGate Home, NetGear Stora, and Medion LifeCloud NAS. Explaining their aim to conduct the research, they state,

“…is it secure enough to protect your companies data? That was the question on our mind… We focused on discovering only critical vulnerabilities that can be exploited remotely without any user interaction. Meaning, authentication bypasses weren’t enough. We wanted to execute commands on the devices remotely with the highest privileges.”

Consequently, the results they obtained gave the answer to their question.

“We were successful, in all the devices.”

As stated, the researchers found two critical flaws in the firmware of these devices that could trigger remote attacks. The first one is the XXE and Unauthenticated Remote Command Execution flaw (CVE-2018-18471 in the Axentra Hipserv NAS firmware. This firmware runs on numerous NAS devices and has also affected Netgear Stora, Seagate GoFlex Home, and Medion LifeCloud devices among the tested ones.

Besides, the other unauthenticated RCE vulnerability (CVE-2018-18472) affected some discontinued WD MyBook Live devices. Hence, Western Digital (WD) has recommended the users of these products to prevent unauthenticated remote access to their devices by configuring firewalls.

Possible Measures For Protection

Both the zero-day RCE vulnerabilities have similar impacts and may have affected around 2 million devices online. As explained by the researchers,

“The vulnerabilities allow hackers, governments, or anyone with malicious intention to read files, add/remove users, add/modify existing data, or execute commands with highest privileges on all of the devices.”

Presently, no patches are available for both the vulnerabilities. Therefore, WizCase recommends the users of the affected devices to remain vigilant for their device’s security. The users should thus make sure to use a VPN to remain hidden from potential bad actors. Moreover, they should also take care to disconnect their devices when connected to WAN.

Take your time to comment on this article.

 

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!