Search
Find a vulnerability
Search criteria
2 vulnerabilities found for cruzer_enterprise_firmware by sandisk
CVE-2010-0225 (GCVE-0-2010-0225)
Vulnerability from nvd – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI
Summary
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.syss.de/index.php?id=108&tx_ttnews%5Bt… | x_refsource_MISC |
| http://www.sandisk.com/business-solutions/enterpr… | x_refsource_MISC |
| http://it.slashdot.org/story/10/01/05/1734242/ | x_refsource_MISC |
| http://www.h-online.com/security/news/item/NIST-c… | x_refsource_MISC |
| http://blogs.zdnet.com/hardware/?p=6655 | x_refsource_MISC |
| http://www.syss.de/fileadmin/ressources/040_veroe… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2010/0078 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/37677 | vdb-entryx_refsource_BID |
| https://www.ironkey.com/usb-flash-drive-flaw-exposed | x_refsource_MISC |
Date Public
2010-01-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-03-26T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009",
"refsource": "MISC",
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"name": "http://it.slashdot.org/story/10/01/05/1734242/",
"refsource": "MISC",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html",
"refsource": "MISC",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"name": "http://blogs.zdnet.com/hardware/?p=6655",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37677"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0225",
"datePublished": "2010-01-07T19:00:00.000Z",
"dateReserved": "2010-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:45:11.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0225 (GCVE-0-2010-0225)
Vulnerability from cvelistv5 – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI
Summary
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.syss.de/index.php?id=108&tx_ttnews%5Bt… | x_refsource_MISC |
| http://www.sandisk.com/business-solutions/enterpr… | x_refsource_MISC |
| http://it.slashdot.org/story/10/01/05/1734242/ | x_refsource_MISC |
| http://www.h-online.com/security/news/item/NIST-c… | x_refsource_MISC |
| http://blogs.zdnet.com/hardware/?p=6655 | x_refsource_MISC |
| http://www.syss.de/fileadmin/ressources/040_veroe… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2010/0078 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/37677 | vdb-entryx_refsource_BID |
| https://www.ironkey.com/usb-flash-drive-flaw-exposed | x_refsource_MISC |
Date Public
2010-01-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-03-26T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009",
"refsource": "MISC",
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"name": "http://it.slashdot.org/story/10/01/05/1734242/",
"refsource": "MISC",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html",
"refsource": "MISC",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"name": "http://blogs.zdnet.com/hardware/?p=6655",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37677"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0225",
"datePublished": "2010-01-07T19:00:00.000Z",
"dateReserved": "2010-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:45:11.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}