CVE-2020-15816

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/07/2020
Last modified:
21/07/2021

Description

In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:westerndigital:wd_discovery:*:*:*:*:*:macos:*:* 4.0.251.0 (excluding)
cpe:2.3:a:westerndigital:wd_discovery:*:*:*:*:*:windows:*:* 4.0.251.0 (excluding)