3 matches found
CVE-2022-28387
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28383
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...
PT-2022-18992 · Verbatim · Verbatim Drives
Name of the Vulnerable Software and Affected Versions: Verbatim drives affected versions not specified Description: An issue was discovered in certain Verbatim drives due to insufficient firmware validation. An attacker can store malicious firmware code for the USB-to-SATA bridge controller on th...