Resource Centre Blog Open Source Partners
Search
Products
Knowledge Base
Support Downloads
Articles
suggested searches
Products Solutions Innovation Support About
Open
By Type External Hard Drives Internal Hard Drives External SSDs Internal SSDs Enterprise Hard Drives & SSDs Data Storage Systems Enterprise Storage Services
By Category Personal Storage Devices Gaming Storage Devices Creative Professional Network Attached Storage (NAS) Video Analytics Cloud, Edge & Data Centre
By Brand LaCie
By Use Case Backup & Recovery Big Data Analytics (AI/ML) Cloud Backup Data Migration Data Transfer High Performance Computing (HPC) Storage as a Service Video Analytics
By Environment Edge Multicloud Private Cloud Public Cloud
By Partner IBM AWS Commvault Veeam VMWare Milestone Equinix EVS NI View All Seagate Technology Partners
By Industry Autonomous Vehicles Healthcare Media & Entertainment Surveillance & Security Telecommunications Geosciences & Energy
Read the Article
Read the Article

Data Storage Innovations Mozaic 3+ Platform MACH.2 Multi-Actuator Hard Drives Seagate Secure
Data Management Innovations Circularity Program Open-Source Developer Community Composable Infrastructure
Read the Article
Read the Article

General Support Home Product Support Seagate Software Downloads LaCie Software Downloads Seagate Product Registration LaCie Product Registration
Warranty & Data Recovery Warranty & Replacements Data Recovery Services
Enterprise Seagate Systems Support Lyve Mobile Support Lyve Cloud Support
Regional Support การสนับสนุนสินค้า Hỗ trợ Sản phẩm tại Việt Nam
Read the Article
Read the Article

Our Story Leadership Team Board of Directors ESG Trust Centre Quality Assurance
Join our Seagate Team Life at Seagate Diversity, Equity and Inclusion Employee Resource Groups University Programmes
Investors
Press Centre News Media Kits Brand Portal LaCie Brand Portal

Seagate Security Advisories

To report a security vulnerability, please go to the Seagate Responsible Vulnerability Disclosure Policy, fill out and submit the vulnerability form.

 

Issue Products Solution Release Date
CVE-2022-37434
CVE-2018-25032		 RAID enabled SeaChest and SeaDragon

Some versions of RAID enabled SeaDragon and RAID enabled SeaChest use a third-party RAID library that contains zlib vulnerabilities. The build dates for the affected versions are as follows: Build dates for SeaDragon_ _R and SeaChest_ _R:

April 8 - 15, 2022
July 26 - Aug 4, 2022
March 2 - 9, 2023
March 28 - April 4, 2023

Running the tool with the following command will display the build date and "RAID Enabled" in the banner: --version 		RAID enabled SeaDragon_ _R and SeaChest_ _R with a build date of December 4, 2023, and later have remediated the vulnerabilities for the following: Microchip, PMC and HPE SmartRAID or SmartHBA Controllers.
  • Latest version of SeaChest
  • For the latest version of SeaDragon, contact your Seagate Customer Support Engineer
At this time, Windows versions of SeaDragon and SeaChest released December 4, 2023, or later do not support Adaptec Controllers Series 8. There is not a current workaround for these controllers on Windows. 		December 4, 2023
CVE-2023-48795 Exos X 3005 Hybrid Storage Arrays

Exos X 4005 Hybrid Storage Arrays

Exos X 5005 Hybrid Storage Arrays		 Vulnerability is exploited with specific ciphers: there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). Mitigations by removal of the ciphers can be done on either server side or client side to be effective. 

For the client side, an end user can remove the two ciphers from the default offered ciphers.

For the server side, Exos X firmware G280R014-01 will not be remediated.		 Products are EOL. Fix and intercept with future planned release.

This column will be updated if a fix becomes available.
CVE-2022-38392 Seagate Backup Plus Desktop 4 TB (STDT4000100) Seagate products are designed to operate within defined acoustic, shock and vibration tolerances. Exceeding defined tolerances, as stated in the product specifications, may cause product failures and void the product warranty. Users should ensure the products operate in an environment that meets Seagate's operating environment specifications 8/29/23

Pre-Auth Remote Code Execution (RCE) Vulnerability

 LaCie Cloudbox 2.6.11.1 (CloudBox) 6/17/2021

NetworkSpace 2 Products:


  • Network Space 2
  • Network Space Max
  • d2 Network 2
  • 2big Network 2
  • 5big Network 2

2.2.12.3


 6/17/2021

 CVE-2016-2118 - (a.k.a Badlock)

 LaCie 5Big NAS Pro
LaCie 2Big NAS
LaCie Cloudbox		 4.2.11.1
4.2.11.1
2.6.11.0		 6/15/2016

 CVE-2016-2118 - (a.k.a Badlock)

 Seagate NAS
Seagate NAS Pro
Seagate Business Storage Rackmount 4-Bay NAS
Segate Business Storage Rackmount 8-Bay NAS		 Download Finder  15/06/2016

CVE-2006-7243
CodeIgniter 2.1.0
PHP 5.2.3
and other exploits

 Seagate Business Storage NAS Business Storage NAS- Increasing Security 1/5/2015
CVE-2015-2876
CVE-2015-2875
CVE-2015-2874		 Seagate Wireless, Wireless Plus and LaCie Fuel Download Finder 1/9/2015


Multicloud Maturity Report

Find Out How Your Business Can Thrive in the Multicloud
About Seagate Our Story  ESG  Trust Centre  Quality Assurance 
Support  Product Support  Seagate Software Downloads  LaCie Software Downloads  Seagate Product Registration  LaCie Product Registration  Warranty & Replacements  Seagate Systems  Contact Us 
Press Centre  News  Media Kits  Brand Portal  LaCie Brand Portal 
Investors 
Partners  Indirect Partners & Resellers  Seagate Training Portal  Seagate Direct & Suppliers  Seagate Technology Alliance Program 
Jobs  Life at Seagate  Diversity, Equity and Inclusion  University Programmes 
Where to Buy  Product Finder 
facebook.svg linkedin.svg youtube.svg twitter.svg instagram.svg
©2024 Seagate Technology LLC Legal Privacy Vulnerability Disclosure Cookie Settings
Site Map