CVE-2010-0225

EPSS 0.03%
Veröffentlicht 07.01.2010 19:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sandisk ≫ Cruzer Enterprise Firmware Version-

Sandisk ≫ Cruzer Enterprise Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.059

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-312 Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

http://blogs.zdnet.com/hardware/?p=6655

Broken Link

http://it.slashdot.org/story/10/01/05/1734242/

Third Party Advisory

http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html

Third Party Advisory

http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9

https://www.ironkey.com/usb-flash-drive-flaw-exposed

Broken Link

http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009

Vendor Advisory

http://www.securityfocus.com/bid/37677

Third Party Advisory

VDB Entry

http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf

Broken Link

http://www.vupen.com/english/advisories/2010/0078

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2010-0225

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0225

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0225

EUVD