Seagate Hard Disk Vulnerabilities

A security advisory notice posted on September 1 and revised on September 2 reveals that wireless hard της Seagate περιέχουν πολλαπλές among which there is one that exploits hard-coded credentials.Seagate hard drives vulnerabilities

The vulnerability allows exploits to the Telnet service running on the drives, using the default "root" credentials as the username and password, according to the Tangible Security who discovered it ..

The main point here is that the credentials encoded in the firmware on the disk are always the same, so attackers can easily exploit the vulnerability on all the affected drives.

The affected hard drives of the company are as follows:

  • Seagate Wireless Plus Mobile Storage
  • Wireless Mobile Storage
  • LaCie FUEL

These disks are also affected by two other vulnerabilities. The first exists if its setting ς μονάδας δίσκου δεν έχει τροποποιηθεί. Αυτό επιτρέπει στους επιτιθέμενους με () access to the affected devices to download all files of the discs without authentication.

The other vulnerability provides attackers with the means to upload files to the disks under a default configuration.

All three vulnerabilities give attackers full access to the files stored on these wireless drives, and very often the owner of the device does not know it.

The company released a new firmware for all the above drives. So end users and administrators should immediately apply these paches. If you are interested you should you know the serial number of your disk.

The easiest way to find Seagate's serial number is to use tthe Drive Detect application the company's.

It is a good idea to back up your data before applying the new firmware.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).