WD Discovery, Local Code Injection

WDC Tracking Number: WDC-20005
Product Line/Web:  WD Discovery
Published: June 19, 2020

Last Updated: June 19, 2020


A malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables. Malware on a local machine may use this to spoof authorization requests from WD Discovery.

Product Impact
Last Updated
WD Discovery for Mac
June 19, 2020
WD Discovery for Windows
June 19, 2020

Advisory Summary

Removed DYLD Environment Variables Entitlement and enabled hardened runtime feature to ensure DYLD environment variables option is turned off. Code injection into WD Discovery’s process is now blocked and cannot be affected by DYLD environment variables.

Reported by: YoKo Kho

CVE Number: CVE-2020-15816