Authentication flaw

2021-03-1900:15:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

JSON

The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave support but lacks biometric authentication hardware.

CPENameOperatorVersion
armorlocklt1.4.1
armorlocklt1.4.1

CPE	Name	Operator	Version
	armorlock	lt	1.4.1
	armorlock	lt	1.4.1

References

www.westerndigital.com/support/productsecurity/wdc-21003-armorLock-insecure-key-storage-vulnerability