Browse all 44 CVE security advisories affecting Western Digital. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Western Digital manufactures data storage solutions, including hard drives, solid-state drives, and network-attached storage devices, serving both consumer and enterprise markets. The company’s product portfolio, particularly its NAS and cloud-connected storage units, has historically been associated with numerous security flaws. Recorded vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insecure web interfaces or firmware components. These weaknesses allow attackers to potentially gain unauthorized access to stored data or compromise the underlying device. While specific major public breaches are less documented compared to larger software vendors, the high volume of Common Vulnerabilities and Exposures indicates persistent challenges in securing embedded systems and web management consoles. Maintaining robust firmware updates and secure configuration practices remains critical for mitigating risks associated with these storage appliances.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-22988 | Insecure file and directory permissions on EdgeRover — EdgeRoverCWE-275 | 7.7 | High | 2022-01-13 |
This page lists every published CVE security advisory associated with Western Digital. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.