Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
•added 2025/05/23 1:6 a.m.•6 views

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

7.5CVSS6.4AI score0.01632EPSS
Exploits1References1
NVD
NVD
•added 2022/06/08 4:15 p.m.•32 views

CVE-2022-28383

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...

6.8CVSS0.00585EPSS
Exploits1References14
NVD
NVD
•added 2022/06/08 4:15 p.m.•31 views

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

7.5CVSS0.01632EPSS
Exploits1References14
Prion
Prion
•added 2022/06/08 4:15 p.m.•23 views

Hardcoded credentials

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

5CVSS7.2AI score0.01632EPSS
Exploits1References14Affected Software4
CVE
CVE
•added 2022/06/08 12:0 a.m.•78 views

CVE-2022-28382

CVE-2022-28382 concerns Verbatim drives where the firmware (INIC-3637EN/ENIC-3637EN) uses AES-256 in ECB mode. This deterministic block cipher mode encrypts identical 16-byte blocks to identical ciphertext, enabling potential leakage of information from encrypted data (e.g., bitmap-like content)....

7.5CVSS7.2AI score0.01632EPSS
Exploits1References14Affected Software1
Cvelist
Cvelist
•added 2022/06/08 12:0 a.m.•26 views

CVE-2022-28383

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive e.g., by leveraging physical access during the supply chain. This code is then...

6.7AI score0.00585EPSS
Exploits1References14
Cvelist
Cvelist
•added 2022/06/08 12:0 a.m.•36 views

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

7.4AI score0.01632EPSS
Exploits1References14
Rows per page
Query Builder