WD Discovery, Local Code Injection
WDC Tracking Number: WDC-20005
Product Line/Web: WD Discovery
Published: June 19, 2020
Last Updated: June 19, 2020
A malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables. Malware on a local machine may use this to spoof authorization requests from WD Discovery.
Removed DYLD Environment Variables Entitlement and enabled hardened runtime feature to ensure DYLD environment variables option is turned off. Code injection into WD Discovery’s process is now blocked and cannot be affected by DYLD environment variables.
Reported by: YoKo Kho
CVE Number: CVE-2020-15816