Western Digital's EdgeRover desktop program had a bug that granted elevated privileges on Windows and macOS
Last year, Western Digital users ran into trouble with their My Book Live Drives, which were wiped automatically due to a bug in the firmware. Now, the company's desktop utility, EdgeRover, has been found to have a serious security vulnerability, that could have put user data at risk again.
For those unaware of what it is, EdgeRover is a useful tool that lets you catalog your drive's contents, and uses it as a database to quickly search for files, scan and detect duplicates, automatically organize your photos and videos as collections, etc.
Ironically, this is not the first time a serious security issue has been discovered in EdgeRover. A couple of months ago, the application was updated to patch two security threats related to FFmpeg, these flaws could have resulted in remote code execution or a DoS (Denial of service) attack.
Coming back to the issue at hand, Bleeping Computer points out that the latest vulnerability, tracked in CVE-2022-22988, has been rated critical, with a CVSS 3 severity rating of 9.1. The bug came to light when it was discovered by security researcher, Xavier Danest. He reported it to Western Digital, for the company to analyze and fix the issue. Western Digital released a new version of EdgeRover a few days ago, in order to patch the security flaw. It has also published a security advisory, WDC-22004, to educate users about the threat and its severity.
The summary for the issue terms the issue in EdgeRover as a "directory traversal vulnerability". It goes on to explain that if the flaw had been exploited, it could have allowed an attacker, to carry out a local privilege escalation, i.e. gain administrator rights to the computer. This would in turn let the hacker access sensitive information stored on the PC, or execute a DoS attack. That is, of course, providing the hacker had access to the computer in the first place.
To fix the problem, Western Digital had to modify the permissions management system in EdgeRover, to restrict the files and directories that it can access. In other words, the program will no longer load the system folders that could have been bypassed to gain elevated rights to the system.
Whether the security vulnerability was exploited by hackers remains a mystery. If you are using EdgeRover on your Windows or macOS computer, you should update to the latest version of the program as soon as possible to avoid any potential security issues, and keep your data safe. The current build of the tool, which includes the security fix for the flaw, is version 1.5.1-594. You can download the program's installer from the official website.
I prefer to organize my content manually. While the old-school method may lack the convenience that an automated software can provide, managing the data on your own gives you greater control over the contents. You don't have to worry about privacy policies, or your data getting wiped by accident. As for searching through the files, Everything desktop search engine gets the job done.
What about you? Do you use programs to catalog your data?
I never install any of the extra software that come with peripherals, just the driver.
Why would you need a driver for a drive?
But even then WD drivers alone can be a security issue. I remember trying to turn on memory isolation through Windows Security and getting an error, I looked up the error code and discovered that a faulty driver from WD external drive was the cause and that the driver has been known to be problematic for years with WD not bothering to fix it. Insane.