Skip to main content
  1. Home
  2. Computing
  3. News

Your Seagate hard drive may be at risk for severe vulnerabilities

By

wireless seagate hard drives threatened by root password vulnerabilities plus hero right hi res 4975x4975 copy
Image used with permission by copyright holder
As a warning to users of Seagate’s line of wireless hard drives, a group of researchers at Tangible Security has discovered a security hole in a few specific Seagate wireless drives.

The vulnerability, which can reportedly provide unauthorized users with root access to the drive, is said to activate undocumented Telnet services using a default username and password combo. Telnet, a simple command line procedure, actually allows attackers to log in to someone else’s computer over an Internet or local network connection.

Recommended Videos

Anyone who opts to exploit this flaw could, quite effortlessly, dictate your hard drive as their own, enabling them to steal files or even to deploy malicious attacks against other people’s computers from your hard drive. Especially concerning is that both the default username and password required for root access is simply the word ‘root,’ making the barrier of entry for aggressors distressingly low.

Another hole spotted by the research firm allegedly allows an unrestricted capability to download files when within the parameters of a device’s wireless network. This could prove detrimental in the case where the attacker is located nearby. And a third flaw permits attackers to upload any file they’d like to the affected wireless hard drive. This, of course, isn’t limited to potentially hazardous files used to brick the devices attached to the drive or even the drive itself.

Fortunately, Seagate has already issued a fix, with help from Tangible Security, to the susceptibility, which seems to have affected those with either a Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, or a LaCie Fuel purchased between now and October 2014.

On the downside, however, Tangible has reported that other Seagate products may also be afflicted by the flaw.

“With products from large vendors such as Seagate, there tend to be numerous product names for basically the same product under the same vendor’s name or another vendor,” writes the research firm. “Tangible Security cannot enumerate all of the named products as well as Seagate. Other named products may be affected.”

If you’re using a wireless Seagate hard drive donning either firmware version 2.2.0.005 or 2.3.0.014, Seagate has made available an update to version 3.4.1.105 that repairs these vulnerabilities. To check if your drive is at-risk, it’s recommended that you search for a firmware update using Seagate’s Download Finder. Make sure to do it soon, as Tangible Security claims that this uncompromising vulnerability has been active for at least a week now and is sure to become more infectious as time goes by without action taken.

Editors’ Recommendations

Topics
Gabe Carey
Gabe Carey
Former Digital Trends Contributor
A freelancer for Digital Trends, Gabe Carey has been covering the intersection of video games and technology since he was 16…
Best early Black Friday deals under $100: Amazon Echo, TVs, headphones and more
The Amazon Echo Pop on a desk.

Update 11/19/24: Black Friday is still over a week away, but you can already start your shopping with the Black Friday deals under $100 that we've gathered here. There's a possibility that these affordable items get even bigger discounts when the sale officially launches, but we won't blame you if you're already tempted by today's prices.

Black Friday will start on November 29, but if you've already got the itch to shop, check out the early Black Friday deals under $100 that we've gathered here. The offers cover smart home devices, laptops, TVs, kitchen gadgets, and so much more, so if you want to start enjoying discounts without blowing your entire budget for the shopping event, take a look at our favorite bargains below.

Read more
Understandably, Stalker 2 is a bit of a mess on PC
Key art for Stalker 2. A character in a lit-up gas mask and a gun on their back.

Stalker 2 is one of those games I never thought would actually release. Originally announced 14 years ago, the project was shelved after developer GSC Game World closed its doors, only to be reignited in 2018. Then, as the originally announced 2022 release of the game approached, Ukraine, where the developer was based, was invaded by Russia.

There are plenty of games that suffer in development hell, but they pale in comparison to the struggles Stalker 2 has gone through. The fact that the game is even here is nothing short of a miracle. Like other titles stuck in development hell, though, Stalker 2 is far from perfect, particularly when it comes to PC performance.

Read more
Nvidia may keep producing one RTX 40 GPU, and it’s not the one we want
The Alienware m16 R2 on a white desk.

The last few weeks brought us a slew of rumors about Nvidia potentially sunsetting most of the RTX 40-series graphics cards. However, a new update reveals that one GPU might remain in production long after other GPUs are no longer being produced. Unfortunately, it's a GPU that would struggle to rank among Nvidia's best graphics cards. I'm talking about the RTX 4050 -- a card that only appears in laptops.

The scoop comes from a leaker on Weibo and was first spotted by Wccftech. The leaker states that the RTX 4050 is "the only 40-series laptop GPU that Nvidia will continue to supply" after the highly anticipated launch of the RTX 50-series. Unsurprisingly, the tipster also reveals that the fact that both the RTX 4050 and the RTX 5050 will be readily available at the same time will also impact the pricing of the next-gen card.

Read more