Root password flaw leaves wireless Seagate drives open to attack


Own a wireless hard drive? Was it made by Seagate ? You’ll want to download an update. Researchers at Tangible security have discovered a vulnerability in certain Seagate wireless drives that could give unauthorized users root access to the device. The flaw? A default username and password that activates undocumented Telnet services. It’s a terrifyingly simple vulnerability. Luckily, the fix is almost as simple — all you have to do is patch your drive’s firmware. Security researchers say the vulnerability can be found in Seagate Wireless Mobile storage, Wireless Plus Mobile Storage and LaCie FUEL drives dating back to last October, but warns that other drives may be affected as well. The report also highlights two other possible attacks that exploit the firmware’s file-sharing protocols. Seagate has already tested and confirmed the flaws, and issued firmware update as a fix. Have a Seagate drive? Why are you still readying this? Click here and update, already. Comments Via: CERT Source: Seagate , Tangible Security Tags:

Continue reading here:
Root password flaw leaves wireless Seagate drives open to attack


Please enter your comment!
Please enter your name here


This site uses Akismet to reduce spam. Learn how your comment data is processed.