CVE-2010-0226

2010-01-0719:00:00

mitre

www.cve.org

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

56.7%

JSON

SanDisk Cruzer Enterprise USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.

References

www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009

www.securityfocus.com/bid/37677

www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf

www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9

www.vupen.com/english/advisories/2010/0078

www.ironkey.com/usb-flash-drive-flaw-exposed