Claroty, an IoT and industrial cybersecurity firm, has discovered critical vulnerabilities in Western Digital (WD) and Synology network-attached storage (NAS) products, potentially exposing millions of users’ files. The vulnerabilities could allow attackers to remotely access user files, execute arbitrary code, and take full control of cloud-connected devices. Both vendors have released patches and advisories to address these issues. The vulnerabilities were due to weak device authentication based on publicly known information.
Read more at SecurityWeek…