Vulnerability: Code Execution via DYLD Environment Variable Injection in Western Digital WD Discovery

Vulnerability: Code Execution via DYLD Environment Variable Injection in Western Digital WD Discovery

CVE-2020-15816 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.

Learn more about our User Device Pen Test.