13 matches found
CVE-2022-28382
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...
CVE-2022-28387
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28383
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...
CVE-2022-28387
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28387
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28382
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...
CVE-2022-28382
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...
Design/Logic Flaw
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
Verbatim Keypad Secure USB Drive 数据伪造问题漏洞
The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from Verbatim, a Chinese company. A security vulnerability in the Verbatim Keypad Secure USB Drive, which stems from a lack of integrity checking, can be exploited by an attacker to store and execute malware on an emulat...
CVE-2022-28382
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...
CVE-2022-28382
CVE-2022-28382 concerns Verbatim drives where the firmware (INIC-3637EN/ENIC-3637EN) uses AES-256 in ECB mode. This deterministic block cipher mode encrypts identical 16-byte blocks to identical ciphertext, enabling potential leakage of information from encrypted data (e.g., bitmap-like content)....
Verbatim Keypad Secure USB Drive 安全漏洞
The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from the Chinese company Verbatim. A security vulnerability exists in the Verbatim Keypad Secure USB Drive that arises from an insecure design and can be exploited by an attacker to brute-force break a password offline t...
PT-2022-18991 · Verbatim · Verbatim Fingerprint Secure Portable Hard Drive +3
Name of the Vulnerable Software and Affected Versions: Verbatim Keypad Secure USB 3.2 Gen 1 Drive versions through 2022-03-31 Verbatim Store 'n' Go Secure Portable HDD GD25LK01-3637-C versions through VER4.0 Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C versions through VER1.1...