CVE-2025-10010

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

CVE-2025-10010

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

CVE-2025-10010

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

EUVD-2025-208086

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

CVE-2025-10010

The CVE affects the CPSD CryptoPro Secure Disk: during boot, a small Linux OS validates integrity via IMA, but configuration files are not validated by IMA. This can allow an attacker with physical access to alter config files on the unencrypted partition, enabling arbitrary code execution as roo...

CVE-2025-10010 Integrity Validation Bypass in CryptoPro Secure Disk for BitLocker

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

PT-2026-21741

Name of the Vulnerable Software and Affected Versions CPSD CryptoPro Secure Disk affected versions not specified Description The CPSD CryptoPro Secure Disk application utilizes a small Linux operating system for user authentication prior to BitLocker decryption of the Windows partition. The Linux...

CVE-2025-1704

ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices and intercept device management requests via loading components from the unencrypted stateful partition...

Google Chrome OS 安全漏洞

Google ChromeOS is a set of Web-based lightweight open source operating system from Google Google. Google ChromeOS suffers from a memory misreference vulnerability that is caused by a flaw in ComponentInstaller. An attacker could exploit the vulnerability to intercept device management requests b...

raidsonic nas-4220 crypt disk key leak (stored in plain on unencrypted partition)

Manufacturer: RaidSonic www.raidsonic.de Device: NAS-4220-B Firmware: 2.6.0-n2007-10-11 Device Type: end user grade NAS box OS: Linux 2.6.15 Architecture: ARM Designed by: Storm Semiconductor Inc www.storlinksemi.com Problem: Hard disk encryption key stored in plain on unencrypted partition. Time...

raidsonic-disclose.txt

Manufacturer: RaidSonic www.raidsonic.de Device: NAS-4220-B Firmware: 2.6.0-n2007-10-11 Device Type: end user grade NAS box OS: Linux 2.6.15 Architecture: ARM Designed by: Storm Semiconductor Inc www.storlinksemi.com Problem: Hard disk encryption key stored in plain on unencrypted partition. Time...