Vulnerability Description
Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Verbatim | Corporate Secure | All versions |
Related Weaknesses (CWE)
References
- http://blogs.zdnet.com/hardware/?p=6655Not Applicable
- http://it.slashdot.org/story/10/01/05/1734242/Third Party Advisory
- http://securitytracker.com/id?1023409Third Party AdvisoryVDB Entry
- http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-Third Party Advisory
- http://www.verbatim.com/security/security-update.cfmVendor Advisory
- https://www.ironkey.com/usb-flash-drive-flaw-exposedBroken Link
- http://blogs.zdnet.com/hardware/?p=6655Not Applicable
- http://it.slashdot.org/story/10/01/05/1734242/Third Party Advisory
- http://securitytracker.com/id?1023409Third Party AdvisoryVDB Entry
- http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-Third Party Advisory
- http://www.verbatim.com/security/security-update.cfmVendor Advisory
- https://www.ironkey.com/usb-flash-drive-flaw-exposedBroken Link
FAQ
What is CVE-2010-0227?
CVE-2010-0227 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically pro...
How severe is CVE-2010-0227?
CVE-2010-0227 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0227?
Check the references section above for vendor advisories and patch information. Affected products include: Verbatim Corporate Secure.