cvedb.io
CVE-2022-29835
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2022-09-19T20:15:12.370 · Last modified 2026-06-17T04:40:47.890

Summary

WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An attacker could use this weakness to create forged certificate signatures due to the use of a hashing algorithm that is not collision-free. This could thereby impact the confidentiality of user content. This issue affects: Western Digital WD Discovery WD Discovery Desktop App versions prior to 4.4.396 on Mac; WD Discovery Desktop App versions prior to 4.4.396 on Windows.

Affected products

westerndigital — wd_discovery

Does this affect you?

Add your gear to cvedb and we'll alert you only when westerndigital ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.