Vulnerability Description
Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Verbatim | Corporate Secure | All versions |
Related Weaknesses (CWE)
References
- http://blogs.zdnet.com/hardware/?p=6655
- http://it.slashdot.org/story/10/01/05/1734242/
- http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-
- http://www.verbatim.com/security/security-update.cfmVendor Advisory
- https://www.ironkey.com/usb-flash-drive-flaw-exposed
- http://blogs.zdnet.com/hardware/?p=6655
- http://it.slashdot.org/story/10/01/05/1734242/
- http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-
- http://www.verbatim.com/security/security-update.cfmVendor Advisory
- https://www.ironkey.com/usb-flash-drive-flaw-exposed
FAQ
What is CVE-2010-0228?
CVE-2010-0228 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximat...
How severe is CVE-2010-0228?
CVE-2010-0228 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0228?
Check the references section above for vendor advisories and patch information. Affected products include: Verbatim Corporate Secure.