Search criteria
2 vulnerabilities found for st500lt025 by seagate
VAR-201711-0015
Vulnerability from variot - Updated: 2025-04-20 23:32Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack.". Samsung 850 Pro/PM851 Solid state drives and Seagate ST500LT015/ST500LT025 There are vulnerabilities in hard disk drives that can bypass security functions.Information may be obtained. LenovoThinkPadT440slaptop is a laptop from Lenovo China. The DellLatitudeE6410laptop is a laptop from Dell. Samsung850Pro, etc. are all hard drives used in laptops. The Samsung850Pro is a hard disk manufactured by Samsung in South Korea. The Seagate ST500LT015 is a hard drive manufactured by Seagate. There are security holes in the Samsung850Pro, PM851 SSD, SeagateST500LT015 and ST500LT025 hard drives on several devices. An attacker could exploit this vulnerability to bypass self-encrypting hard disk (SED) protection. Samsung/Seagate Self-Encrypting Drive Protection are prone to a local security-bypass vulnerability. This may aid in further attacks. The following products are vulnerable: Seagate ST500LT015 and ST500LT025 Samsung 850 Pro and PM851. Samsung 850 Pro etc. The following products are affected: Lenovo ThinkPad T440s laptop using BIOS version 2.32; ThinkPad W541 laptop using BIOS version 2.21; Dell Latitude E6410 laptop using BIOS version A16; Latitude E6430 laptop using BIOS version A16
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0015",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pm851",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": null
},
{
"model": "850 pro",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": null
},
{
"model": "pm851",
"scope": null,
"trust": 1.4,
"vendor": "samsung",
"version": null
},
{
"model": "st500lt015",
"scope": "eq",
"trust": 1.0,
"vendor": "seagate",
"version": null
},
{
"model": "st500lt025",
"scope": "eq",
"trust": 1.0,
"vendor": "seagate",
"version": null
},
{
"model": "st500lt015",
"scope": null,
"trust": 0.8,
"vendor": "seagate",
"version": null
},
{
"model": "st500lt025",
"scope": null,
"trust": 0.8,
"vendor": "seagate",
"version": null
},
{
"model": "850 pro",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "pro",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "850"
},
{
"model": "technology st500lt015",
"scope": null,
"trust": 0.6,
"vendor": "seagate",
"version": null
},
{
"model": "technology st500lt025",
"scope": null,
"trust": 0.6,
"vendor": "seagate",
"version": null
},
{
"model": "st500lt025",
"scope": "eq",
"trust": 0.3,
"vendor": "seagate",
"version": "0"
},
{
"model": "st500lt015",
"scope": "eq",
"trust": 0.3,
"vendor": "seagate",
"version": "0"
},
{
"model": "pm851",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "pro",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "8500"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"db": "BID",
"id": "102336"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1082"
},
{
"db": "NVD",
"id": "CVE-2015-7267"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:seagate:st500lt015_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:seagate:st500lt025_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:samsung:850_pro_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:samsung:pm851_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Boteanu and Kevvie Fowler of KPMG.",
"sources": [
{
"db": "BID",
"id": "102336"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7267",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2015-7267",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CNVD-2017-38305",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-85228",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"id": "CVE-2015-7267",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7267",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7267",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-38305",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-1082",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-85228",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"db": "VULHUB",
"id": "VHN-85228"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1082"
},
{
"db": "NVD",
"id": "CVE-2015-7267"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a \"Hot Plug attack.\". Samsung 850 Pro/PM851 Solid state drives and Seagate ST500LT015/ST500LT025 There are vulnerabilities in hard disk drives that can bypass security functions.Information may be obtained. LenovoThinkPadT440slaptop is a laptop from Lenovo China. The DellLatitudeE6410laptop is a laptop from Dell. Samsung850Pro, etc. are all hard drives used in laptops. The Samsung850Pro is a hard disk manufactured by Samsung in South Korea. The Seagate ST500LT015 is a hard drive manufactured by Seagate. There are security holes in the Samsung850Pro, PM851 SSD, SeagateST500LT015 and ST500LT025 hard drives on several devices. An attacker could exploit this vulnerability to bypass self-encrypting hard disk (SED) protection. Samsung/Seagate Self-Encrypting Drive Protection are prone to a local security-bypass vulnerability. This may aid in further attacks. \nThe following products are vulnerable:\nSeagate ST500LT015 and ST500LT025\nSamsung 850 Pro and PM851. Samsung 850 Pro etc. The following products are affected: Lenovo ThinkPad T440s laptop using BIOS version 2.32; ThinkPad W541 laptop using BIOS version 2.21; Dell Latitude E6410 laptop using BIOS version A16; Latitude E6430 laptop using BIOS version A16",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7267"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"db": "BID",
"id": "102336"
},
{
"db": "VULHUB",
"id": "VHN-85228"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7267",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008068",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1082",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-38305",
"trust": 0.6
},
{
"db": "BID",
"id": "102336",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-85228",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"db": "VULHUB",
"id": "VHN-85228"
},
{
"db": "BID",
"id": "102336"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1082"
},
{
"db": "NVD",
"id": "CVE-2015-7267"
}
]
},
"id": "VAR-201711-0015",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"db": "VULHUB",
"id": "VHN-85228"
}
],
"trust": 1.4942857200000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38305"
}
]
},
"last_update_date": "2025-04-20T23:32:03.075000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Samsung 850 Pro",
"trust": 0.8,
"url": "http://www.samsung.com/semiconductor/minisite/jp/ssd/consumer/850pro/"
},
{
"title": "Samsung PM851 Solid State Drive",
"trust": 0.8,
"url": "https://www.samsung.com/us/business/oem-solutions/pdfs/PM851-SSD-ProdOverview.pdf"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.seagate.com/jp/ja/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-254",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85228"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"db": "NVD",
"id": "CVE-2015-7267"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://www.blackhat.com/docs/eu-15/materials/eu-15-boteanu-bypassing-self-encrypting-drives-sed-in-enterprise-environments-wp.pdf"
},
{
"trust": 2.0,
"url": "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7267"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7267"
},
{
"trust": 0.3,
"url": "www.samsung.com"
},
{
"trust": 0.3,
"url": "https://www.seagate.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"db": "VULHUB",
"id": "VHN-85228"
},
{
"db": "BID",
"id": "102336"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1082"
},
{
"db": "NVD",
"id": "CVE-2015-7267"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"db": "VULHUB",
"id": "VHN-85228"
},
{
"db": "BID",
"id": "102336"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1082"
},
{
"db": "NVD",
"id": "CVE-2015-7267"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"date": "2017-11-27T00:00:00",
"db": "VULHUB",
"id": "VHN-85228"
},
{
"date": "2017-11-27T00:00:00",
"db": "BID",
"id": "102336"
},
{
"date": "2018-01-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"date": "2017-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1082"
},
{
"date": "2017-11-27T22:29:00.237000",
"db": "NVD",
"id": "CVE-2015-7267"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38305"
},
{
"date": "2017-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-85228"
},
{
"date": "2017-11-27T00:00:00",
"db": "BID",
"id": "102336"
},
{
"date": "2018-01-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008068"
},
{
"date": "2017-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1082"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-7267"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "102336"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1082"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung 850 Pro/PM851 of SSD and Seagate ST500LT015/ST500LT025 of HDD Vulnerabilities that bypass security functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008068"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-1082"
}
],
"trust": 0.6
}
}
VAR-201711-0010
Vulnerability from variot - Updated: 2025-04-20 23:25Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops with BIOS A16 or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by triggering a soft reset and booting from an alternative OS, aka a "Forced Restart Attack.". Samsung 850 Pro/PM851 Solid state drives and Seagate ST500LT015/ST500LT025 There are vulnerabilities in hard disk drives that can bypass security functions.Information may be obtained. LenovoThinkPadT440slaptop is a laptop from Lenovo China. The DellLatitudeE6410laptop is a laptop from Dell. Samsung850Pro, etc. are all hard drives used in laptops. The Samsung850Pro is a hard disk manufactured by Samsung in South Korea. The Seagate ST500LT015 is a hard drive manufactured by Seagate. There are security holes in the Samsung850Pro, PM851 SSD, SeagateST500LT015 and ST500LT025 hard drives on several devices. An attacker with a physical location approach can exploit the vulnerability to bypass self-encrypting hard disk protection by implementing a forced restart attack. Samsung/Seagate Self-Encrypting Drives Protection are prone to a local security-bypass vulnerability. This may aid in further attacks. The following products are vulnerable: Seagate ST500LT015 and ST500LT025 Samsung 850 Pro and PM851. Samsung 850 Pro etc. The following products are affected: Lenovo ThinkPad T440s laptop using BIOS version 2.32; ThinkPad W541 laptop using BIOS version 2.21; Dell Latitude E6410 laptop using BIOS version A16; Latitude E6430 laptop using BIOS version A16
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0010",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pm851",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": null
},
{
"model": "850 pro",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": null
},
{
"model": "pm851",
"scope": null,
"trust": 1.4,
"vendor": "samsung",
"version": null
},
{
"model": "st500lt015",
"scope": "eq",
"trust": 1.0,
"vendor": "seagate",
"version": null
},
{
"model": "st500lt025",
"scope": "eq",
"trust": 1.0,
"vendor": "seagate",
"version": null
},
{
"model": "st500lt015",
"scope": null,
"trust": 0.8,
"vendor": "seagate",
"version": null
},
{
"model": "st500lt025",
"scope": null,
"trust": 0.8,
"vendor": "seagate",
"version": null
},
{
"model": "850 pro",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "pro",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "850"
},
{
"model": "technology st500lt015",
"scope": null,
"trust": 0.6,
"vendor": "seagate",
"version": null
},
{
"model": "technology st500lt025",
"scope": null,
"trust": 0.6,
"vendor": "seagate",
"version": null
},
{
"model": "st500lt025",
"scope": "eq",
"trust": 0.3,
"vendor": "seagate",
"version": "0"
},
{
"model": "st500lt015",
"scope": "eq",
"trust": 0.3,
"vendor": "seagate",
"version": "0"
},
{
"model": "pm851",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "pro",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "8500"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"db": "BID",
"id": "102334"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1081"
},
{
"db": "NVD",
"id": "CVE-2015-7268"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:seagate:st500lt015_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:seagate:st500lt025_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:samsung:850_pro_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:samsung:pm851_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Boteanu and Kevvie Fowler of KPMG.",
"sources": [
{
"db": "BID",
"id": "102334"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7268",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2015-7268",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CNVD-2017-38306",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-85229",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"id": "CVE-2015-7268",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7268",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7268",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-38306",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-1081",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-85229",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"db": "VULHUB",
"id": "VHN-85229"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1081"
},
{
"db": "NVD",
"id": "CVE-2015-7268"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops with BIOS A16 or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by triggering a soft reset and booting from an alternative OS, aka a \"Forced Restart Attack.\". Samsung 850 Pro/PM851 Solid state drives and Seagate ST500LT015/ST500LT025 There are vulnerabilities in hard disk drives that can bypass security functions.Information may be obtained. LenovoThinkPadT440slaptop is a laptop from Lenovo China. The DellLatitudeE6410laptop is a laptop from Dell. Samsung850Pro, etc. are all hard drives used in laptops. The Samsung850Pro is a hard disk manufactured by Samsung in South Korea. The Seagate ST500LT015 is a hard drive manufactured by Seagate. There are security holes in the Samsung850Pro, PM851 SSD, SeagateST500LT015 and ST500LT025 hard drives on several devices. An attacker with a physical location approach can exploit the vulnerability to bypass self-encrypting hard disk protection by implementing a forced restart attack. Samsung/Seagate Self-Encrypting Drives Protection are prone to a local security-bypass vulnerability. This may aid in further attacks. \nThe following products are vulnerable:\nSeagate ST500LT015 and ST500LT025\nSamsung 850 Pro and PM851. Samsung 850 Pro etc. The following products are affected: Lenovo ThinkPad T440s laptop using BIOS version 2.32; ThinkPad W541 laptop using BIOS version 2.21; Dell Latitude E6410 laptop using BIOS version A16; Latitude E6430 laptop using BIOS version A16",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7268"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"db": "BID",
"id": "102334"
},
{
"db": "VULHUB",
"id": "VHN-85229"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7268",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008067",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1081",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-38306",
"trust": 0.6
},
{
"db": "BID",
"id": "102334",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-85229",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"db": "VULHUB",
"id": "VHN-85229"
},
{
"db": "BID",
"id": "102334"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1081"
},
{
"db": "NVD",
"id": "CVE-2015-7268"
}
]
},
"id": "VAR-201711-0010",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"db": "VULHUB",
"id": "VHN-85229"
}
],
"trust": 1.4942857200000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38306"
}
]
},
"last_update_date": "2025-04-20T23:25:55.683000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Samsung 850 Pro",
"trust": 0.8,
"url": "http://www.samsung.com/semiconductor/minisite/jp/ssd/consumer/850pro/"
},
{
"title": "Samsung PM851 Solid State Drive",
"trust": 0.8,
"url": "https://www.samsung.com/us/business/oem-solutions/pdfs/PM851-SSD-ProdOverview.pdf"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.seagate.com/jp/ja/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-254",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85229"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"db": "NVD",
"id": "CVE-2015-7268"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://www.blackhat.com/docs/eu-15/materials/eu-15-boteanu-bypassing-self-encrypting-drives-sed-in-enterprise-environments-wp.pdf"
},
{
"trust": 2.0,
"url": "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7268"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7268"
},
{
"trust": 0.3,
"url": "www.samsung.com"
},
{
"trust": 0.3,
"url": "https://www.seagate.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"db": "VULHUB",
"id": "VHN-85229"
},
{
"db": "BID",
"id": "102334"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1081"
},
{
"db": "NVD",
"id": "CVE-2015-7268"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"db": "VULHUB",
"id": "VHN-85229"
},
{
"db": "BID",
"id": "102334"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1081"
},
{
"db": "NVD",
"id": "CVE-2015-7268"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"date": "2017-11-27T00:00:00",
"db": "VULHUB",
"id": "VHN-85229"
},
{
"date": "2017-11-27T00:00:00",
"db": "BID",
"id": "102334"
},
{
"date": "2018-01-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"date": "2017-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1081"
},
{
"date": "2017-11-27T22:29:00.287000",
"db": "NVD",
"id": "CVE-2015-7268"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38306"
},
{
"date": "2017-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-85229"
},
{
"date": "2017-11-27T00:00:00",
"db": "BID",
"id": "102334"
},
{
"date": "2018-01-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008067"
},
{
"date": "2017-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1081"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-7268"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "102334"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1081"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung 850 Pro/PM851 of SSD and Seagate ST500LT015/ST500LT025 of HDD Vulnerabilities that bypass security functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008067"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-1081"
}
],
"trust": 0.6
}
}