4.2

CVE-2015-7269

EPSS 0.06%
Published 27.11.2017 22:29:00
Last modified 20.04.2025 01:37:25
Source cret@cert.org
Teams watchlist Login
Open Login

Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and attaching the data cable to another machine, aka a "Hot Unplug Attack."

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Seagate ≫ St500lt015 Firmware Version-

Seagate ≫ St500lt015 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.151

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.2	0.5	3.6	CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:P/I:N/A:N

https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf

Third Party Advisory

Technical Description

https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html

Third Party Advisory

Technical Description

https://nvd.nist.gov/vuln/detail/CVE-2015-7269

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-7269

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-7269

EUVD