15 matches found
CVE-2022-28387
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28387
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28387
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28387
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28383
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...
CVE-2022-28383
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...
CVE-2022-28382
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...
Input validation
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...
Design/Logic Flaw
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...
CVE-2022-28387
CVE-2022-28387 describes an insecure design in certain Verbatim drives up to 2022-03-31 that allows an attacker to unlock the device and gain unauthorized access to stored data by using an undocumented IOCTL command to retrieve the correct password. Affected devices include the Executive Fingerpr...
Verbatim Keypad Secure USB Drive 安全漏洞
The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from the Chinese company Verbatim. A security vulnerability exists in the Verbatim Keypad Secure USB Drive that arises from an insecure design and can be exploited by an attacker to brute-force break a password offline t...
PT-2022-18992 · Verbatim · Verbatim Drives
Name of the Vulnerable Software and Affected Versions: Verbatim drives affected versions not specified Description: An issue was discovered in certain Verbatim drives due to insufficient firmware validation. An attacker can store malicious firmware code for the USB-to-SATA bridge controller on th...
CVE-2022-28382
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...
PT-2022-18995 · Verbatim · Verbatim Store 'N' Go Secure Portable Hdd +1
Name of the Vulnerable Software and Affected Versions: Verbatim Keypad Secure USB 3.2 Gen 1 Drive Part Number 49428 Verbatim Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0 Description: An issue was discovered in certain Verbatim drives where the security feature for lockout does not work...
HealthNet Data Breach Affects 1.5 Mil Customers
Health Net Inc. announced Wednesday that it is investigating a healthcare data security breach that resulted in the loss of patient data, affecting 1.5 million customers. The healthcare provider said the lost files, a mixture of medical data, Social Security numbers and other personally...