4.2

CVE-2015-7269

EPSS 0.06%
Veröffentlicht 27.11.2017 22:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cret@cert.org
Teams Watchlist Login
Unerledigt Login

Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and attaching the data cable to another machine, aka a "Hot Unplug Attack."

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Seagate ≫ St500lt015 Firmware Version-

Seagate ≫ St500lt015 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.151

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.2	0.5	3.6	CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:P/I:N/A:N

https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf

Third Party Advisory

Technical Description

https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html

Third Party Advisory

Technical Description

https://nvd.nist.gov/vuln/detail/CVE-2015-7269

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-7269

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-7269

EUVD