CVE-2010-0225

SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
sandiskcruzer_enterprise_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blogs.zdnet.com/hardware/?p=6655
http://it.slashdot.org/story/10/01/05/1734242/
http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html
http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009
http://www.securityfocus.com/bid/37677
http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf
http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9
http://www.vupen.com/english/advisories/2010/0078
https://www.ironkey.com/usb-flash-drive-flaw-exposed
http://blogs.zdnet.com/hardware/?p=6655
http://it.slashdot.org/story/10/01/05/1734242/
http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html
http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009
http://www.securityfocus.com/bid/37677
http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf
http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9
http://www.vupen.com/english/advisories/2010/0078
https://www.ironkey.com/usb-flash-drive-flaw-exposed