"However, since more than 6 months have passed with no patch or solution having been deployed, the researchers disclosed and published the vulnerability, which should (should) finally prompt WD to action on fixing the issue."
That's not very flattering, and if I used any of those products/software features (I have only bare, internal SAS drives, both spinning rust and SSD) I'd be really concerned.
Since I only use bare internal drives, I imagine I'm not at risk (although, I've had one or more of these drives for at least 7 or 8 years -- so if I was at risk, you'd think that would have happened already) from the vulnerabilities noted in the links you provided.
But I'll do some research (although I do try to keep track of such things and never heard anything about actual drive firmware -- rather than the NAS/cloud products -- being compromised.) anyway.
Thanks again for compiling these links and sharing them. Much appreciated!
2017 https://www.bleepingcomputer.com/news/security/owners-of-wdt...
2017 https://blog.exploitee.rs/2017/hacking_wd_mycloud/
2018 https://www.theregister.co.uk/2018/01/08/wd_mycloud_nas_back... https://www.bitdefender.com/blog/hotforsecurity/researcher-f... https://www.techpowerup.com/240306/western-digital-ships-som...
"However, since more than 6 months have passed with no patch or solution having been deployed, the researchers disclosed and published the vulnerability, which should (should) finally prompt WD to action on fixing the issue."