Have a Seagate wireless hard drive? You`ve got all the reasons to worry about. Seagate wireless hard drives ship with undocumented Telnet services, making the disk accessible with a hard-coded password, reports CERT. One of the vulnerabilities, if exploited, allows an attacker with wireless access to the device with the capability to download unrestricted file. Another vulnerability found in the device lets an attacker upload anything into the device`s file-sharing directory. Seagate has issued a firmware update to patch the vulnerabilities.
The majority of the work done by the CERT Division of the Software Engineering Institute (SEI) at Carnegie Mellon University is focused on government and national security efforts. The CERT team reported three flaws in the wireless hard drives. The flaws allow anyone to easily bypass the default firewall with the username and password "root." Once exploited, one can access content available on the hard drive, as well as upload malware to it. Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and LaCie Fuel hard drives are said to be affected.
The sad news is that the credentials are hard-coded into the device, making it impossible for one to tweak the settings and block potential unauthorised access. Seagate has made available a firmware update dubbed 184.108.40.206 that, as it noted, addesses all the aforementioned security concerns. The company also advises users to check Download Finder regularly to see if there is a new firmware update available, and install it, if there is.
Fortunately, there isn`t any public exploit of these vulnerabilities, noted security firm Tangible Security. It further added, "However, due to the categorisation of these vulnerabilities, it may be reasonable to believe that cybercriminals are doing so."
- Prada seeks younger customers in bid for growth
- Lotte vice chairman Lee In-won found dead
- German business confidence falls post-Brexit, says Ifo
- Tesla touts speed and driving range with new upgraded battery
- Stocks creep up amid Fed limbo, dollar dips leftright 22leftright 12leftright
- China Crinkles Aluminum Foil Makers
- Cisco to lay off about 14,000 employees: tech news site CRN leftright 22leftright
- UK to avoid recession and world economy to ‘stabilise’ as Brexit shock passes - but US poses biggest risk to global growth
- Fuel prices push up UK inflation rate to 0.6%
- Humidity 47%
- Winds 0 kph