Western Digital WD Discovery for Mac OS
Approved changes feed: RSS · Atom
cpe:2.3:a:westerndigital:wd_discovery:-:*:*:*:*:mac_os:*:*
part: a version: - update: *
| Vendor | Westerndigital (31f3ce61-d65f-59c0-8a6e-4a83464a1be1) |
|---|---|
| Product | Wd Discovery (a4d176bc-2e64-597c-b2c7-489df3a2bda4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | mac_os |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-22169 |
vulnerable | 2026-06-03 14:54:59.922561 |
Misconfiguration in node.js causing a code execution in WD Discovery
WD Discovery
versions prior to 5.0.589 contain a misconfiguration in the Node.js environment
settings that could allow code execution by utilizing the 'ELECTRON_RUN_AS_NODE' environment variable.
Any malicious application operating with standard user permissions can exploit
this vulnerability, enabling code execution within WD Discovery application's
context. WD Discovery version 5.0.589 addresses this issue by disabling certain
features and fuses in Electron. The attack vector for this issue requires the victim to have the WD Discovery app installed on their device.
Published: 2024-08-02T18:31:11.324Z
Updated: 2024-08-05T18:55:48.270Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.