A severe safety vulnerability in Western Digital’s WD Discovery desktop utility has been disclosed, probably permitting attackers to execute arbitrary code on Home windows methods.
The flaw, tracked as CVE-2025-30248, impacts WD Discovery model 5.2.730 and all prior releases.
The safety problem entails a DLL hijacking vulnerability inside the WD Discovery installer. Such a assault exploits the best way Home windows searches for dynamic-link library (DLL) information when purposes load.
Native attackers can place a malicious DLL file within the installer’s search path, which the reliable utility then hundreds and executes, granting the attacker full code execution capabilities on the goal system.
Past the first DLL Search Order Hijacking vulnerability, Western Digital additionally recognized extra EXE and DLL hijacking points particularly inside the Tiny Installer element utilized by WD Discovery.
These a number of assault vectors compound the safety danger for customers operating susceptible variations. Whereas the vulnerability requires native entry to take advantage of, the results are extreme.
Profitable exploitation permits attackers to execute arbitrary code with the identical privileges because the WD Discovery installer, probably compromising the whole system.
The difficulty significantly impacts organizations the place a number of customers share workstations or the place bodily safety controls could also be weaker.
Western Digital has categorised the vulnerability with a CVSS 4.0 rating of 8.9 (HIGH severity), reflecting the numerous menace it poses to affected methods.
Western Digital launched WD Discovery model 5.3 on December 19, 2025, which absolutely addresses all recognized vulnerabilities.
Customers will obtain computerized replace notifications by way of the applying, prompting them to put in the safety patch.
Alternatively, customers can manually obtain model 5.3 from the official WD Discovery Downloads web page.
Western Digital acknowledges Kazuma Matsumoto, a safety researcher at GMO Cybersecurity by IERAE, Inc., and David Silva for responsibly disclosing these vulnerabilities by way of coordinated disclosure processes.
Home windows customers operating any model of WD Discovery earlier than 5.3 ought to instantly replace their installations to mitigate potential exploitation dangers.
Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.
