Lucene search
+L

15 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.13 views

CVE-2022-28387

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...

4.6CVSS6.8AI score0.00485EPSS
Exploits1References1
OSV
OSV
added 2022/06/08 4:15 p.m.4 views

CVE-2022-28387

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...

4.6CVSS5.8AI score0.00485EPSS
Exploits1References6
NVD
NVD
added 2022/06/08 4:15 p.m.24 views

CVE-2022-28387

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...

4.6CVSS0.00485EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2022/06/08 4:15 p.m.3 views

CVE-2022-28387

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...

4.6CVSS5.9AI score0.00485EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2022/06/08 4:15 p.m.3 views

CVE-2022-28383

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...

6.8CVSS6AI score0.0059EPSS
Exploits1References15
NVD
NVD
added 2022/06/08 4:15 p.m.32 views

CVE-2022-28383

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...

6.8CVSS0.0059EPSS
Exploits1References14
NVD
NVD
added 2022/06/08 4:15 p.m.31 views

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

7.5CVSS0.01646EPSS
Exploits1References14
Prion
Prion
added 2022/06/08 4:15 p.m.27 views

Input validation

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

2.1CVSS4.6AI score0.00316EPSS
Exploits1References6Affected Software2
Prion
Prion
added 2022/06/08 4:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...

2.1CVSS4.9AI score0.00485EPSS
Exploits1References6Affected Software2
CVE
CVE
added 2022/06/08 3:29 p.m.77 views

CVE-2022-28387

CVE-2022-28387 describes an insecure design in certain Verbatim drives up to 2022-03-31 that allows an attacker to unlock the device and gain unauthorized access to stored data by using an undocumented IOCTL command to retrieve the correct password. Affected devices include the Executive Fingerpr...

4.6CVSS4.8AI score0.00485EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2022/06/08 12:0 a.m.7 views

Verbatim Keypad Secure USB Drive 安全漏洞

The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from the Chinese company Verbatim. A security vulnerability exists in the Verbatim Keypad Secure USB Drive that arises from an insecure design and can be exploited by an attacker to brute-force break a password offline t...

4.6CVSS5.2AI score0.00485EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/06/08 12:0 a.m.5 views

PT-2022-18992 · Verbatim · Verbatim Drives

Name of the Vulnerable Software and Affected Versions: Verbatim drives affected versions not specified Description: An issue was discovered in certain Verbatim drives due to insufficient firmware validation. An attacker can store malicious firmware code for the USB-to-SATA bridge controller on th...

6.8CVSS6.5AI score0.0059EPSS
Exploits1References20
Cvelist
Cvelist
added 2022/06/08 12:0 a.m.41 views

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

7.4AI score0.01646EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2022/06/08 12:0 a.m.5 views

PT-2022-18995 · Verbatim · Verbatim Store 'N' Go Secure Portable Hdd +1

Name of the Vulnerable Software and Affected Versions: Verbatim Keypad Secure USB 3.2 Gen 1 Drive Part Number 49428 Verbatim Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0 Description: An issue was discovered in certain Verbatim drives where the security feature for lockout does not work...

4.6CVSS4.5AI score0.00487EPSS
Exploits1References14
ThreatPost
ThreatPost
added 2009/11/19 3:44 p.m.12 views

HealthNet Data Breach Affects 1.5 Mil Customers

Health Net Inc. announced Wednesday that it is investigating a healthcare data security breach that resulted in the loss of patient data, affecting 1.5 million customers. The healthcare provider said the lost files, a mixture of medical data, Social Security numbers and other personally...

1.2AI score
Exploits0References2
Rows per page
Query Builder