CVE-2010-0224

Published: Jan 7, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

SanDisk Cruzer Enterprise USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9

x_refsource_MISC

1023408

vdb-entry

x_refsource_SECTRACK

http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009

x_refsource_MISC

http://it.slashdot.org/story/10/01/05/1734242/

x_refsource_MISC

http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html

x_refsource_MISC

http://blogs.zdnet.com/hardware/?p=6655

x_refsource_MISC

http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf

x_refsource_MISC

ADV-2010-0078

vdb-entry

x_refsource_VUPEN

37677

vdb-entry

x_refsource_BID

sandisk-access-control-sec-bypass(55475)

vdb-entry

x_refsource_XF

https://www.ironkey.com/usb-flash-drive-flaw-exposed

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-0224

Description

Affected Products

References