CVE-2025-30248

High CVSS: 8.9

DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer's search path.

Vendor

Product

CWE

CWE-427

Yayın Tarihi

2026-01-26 23:15:54

Güncelleme

2026-01-27 14:59:34

Source Identifier

psirt@wdc.com

KEV Date Added

Kategoriler

CWE-427 HIGH 2026

Referanslar

https://www.westerndigital.com/support/product-security/wdc-25008-wd-discovery-desktop-app-version-5-3