Headline
CVE-2022-22988: WDC-22003 EdgeRover Desktop App Version 1.5.0-576 | Western Digital
File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources.
WDC Tracking Number: WDC-22003
Published: January 13, 2022
Last Updated: January 13, 2022
Description
EdgeRover 1.5.0-576 includes two major security fixes to help keep your content secure.
Multiple vulnerabilities have been discovered in the FFmpeg multimedia framework which could cause a denial of service or code execution vulnerability if malformed files or streams are processed.
Insecure file and directory permissions were in place that could allow resources to be read or modified by unintended actors.
Product Impact
Minimum Fix Version
Last Updated
EdgeRover Mac Desktop App
January 10, 2022
EdgeRover Windows Desktop App
January 10, 2022
Advisory Summary
Addressed multiple FFmpeg vulnerabilities by updating the version to 7:4.1.8-0+deb10u1.
CVE Number: CVE-2020-20445, CVE-2020-20446, CVE-2020-20453, CVE-2020-21041, CVE-2020-22015, CVE-2020-22016, CVE-2020-22017, CVE-2020-22019, CVE-2020-22020, CVE-2020-22021, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025, CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22029, CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22033, CVE-2020-22034, CVE-2020-22035, CVE-2020-22036, CVE-2020-22037, CVE-2020-22049, CVE-2020-22054, CVE-2020-35965, CVE-2021-38114, CVE-2021-38171, CVE-2021-38291
File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources.
CVE Number: CVE-2022-22988