Seagate · Seagate Business Nas · CVE-2014-8687
**Name of the Vulnerable Software and Affected Versions**
Seagate Business NAS devices with firmware before 2015.00322
**Description**
The issue is caused by the use of defective or risky cryptographic algorithms in the embedded software of Business NAS devices, allowing remote attackers to execute arbitrary code with root privileges. This is achieved by leveraging the use of a static encryption key to create session tokens.
**Recommendations**
For Seagate Business NAS devices with firmware before 2015.00322, update the firmware to version 2015.00322 or later to resolve the issue.