Uncovering Vulnerabilities in WD and Synology NAS, and How BDRSuite Can Help You

BDRSuite
2 min read · Oct 24, 2023


Cybersecurity and IoT company Claroty discovered a vulnerability in WD (Western Digital) and Synology network-attached storage (NAS) devices. The vulnerability was exposed at Pwn2Own Toronto 2022, a Zero Day Initiative event.

If it had fallen into the hands of malicious individuals, the vulnerability could have exposed the files of millions of users. Sounds terrible, doesn’t it?

Luckily, it didn’t get into the hands of malicious persons, and both WD and Synology automatically released patches for the discovered vulnerabilities.

This article discusses the discovered vulnerabilities, offers a brief overview of preventive measures that users can take, and briefly explains how BDRSuite can help you back up data to both onsite and offsite locations.

A Few Words About Vulnerability

WD and Synology NAS devices can be registered via WD and Synology cloud services and accessed over the Internet. The data remains on-site while being made available and accessed via the Internet.

WD uses a cloud service known as MyCloud OS5, and Synology uses a cloud service called QuickConnect.

According to Claroty, their initial approach involved trying to understand WD and Synology devices by seeking answers to the following questions:

What features does the device have?
How do users interact with the device?
What open services does the device expose?
What internet services does the device connect to?
What is the trust model in place on the system?

They identified a weakness in the cloud-based communication channels: by targeting those channels, they could impersonate devices and redirect users to devices they controlled instead of the genuine ones. This approach allowed them to gain access to devices via MyCloud OS and QuickConnect.

Read this article to know more…


Written by BDRSuite

BDRSuite is a comprehensive backup and disaster recovery solution designed to protect data across diverse IT infrastructures.
