CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-29654
https://notcve.org/view.php?id=CVE-2020-29654
11 Dec 2020 — Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account. Western Digital Dashboard versiones anteriores a 3.2.2.9, permite el secuestro de una DLL que lleva a comprometer la cuenta SYSTEM • https://www.westerndigital.com/support/productsecurity/wdc-20011-western-digital-dashboard-privilege-escalation • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13467
https://notcve.org/view.php?id=CVE-2019-13467
30 Sep 2019 — Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files. Descripción: Western Digital SSD Dashboard versiones anteriores a 2.5.1.0 y SanDisk SSD Dashboard versiones anteriores a 2.5.1.0, las aplicaciones son potencialmente vulnera... • https://support.wdc.com/downloads.aspx?g=907&lang=en •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13466
https://notcve.org/view.php?id=CVE-2019-13466
30 Sep 2019 — Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available. El panel de Western Digital SSD anterior a la versión 2.5.1.0 y el panel de SanDisk SSD anterior a la versión 2.5.1.0 tienen un control de acceso incorrecto. El archivo "generar informes" está protegido con una contraseña codificada. • https://support.wdc.com/downloads.aspx?g=907&lang=en • CWE-798: Use of Hard-coded Credentials •