Headline
CVE-2023-22812: WDC-23005 SanDisk PrivateAccess Software Update | Western Digital
SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols which are susceptible to man-in-the-middle attacks thereby compromising confidentiality and integrity of data.
Last Updated: March 02, 2023
Description
SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols which are susceptible to man-in-the-middle attacks thereby compromising confidentiality and integrity of data. This issue has been resolved in the SanDisk PrivateAccess app version 6.4.9 and higher.
We urge our customers to install this software update immediately to keep their vaults protected. As with any upgrade, it is best to back up your data before installing the upgrade.
For other support and download information, please refer to: https://support-en.wd.com/app/answers/detailweb/a_id/36210
Advisory Summary
Updated the TLS version to TLS 1.2 for enhanced security.