CVE-2021-28653

2021-03-1823:40:52

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

JSON

The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave support but lacks biometric authentication hardware.

References

www.westerndigital.com/support/productsecurity/wdc-21003-armorLock-insecure-key-storage-vulnerability