1. Home
  2. CVE Database
  3. CVE-2015-7268
MEDIUM · 4.2

CVE-2015-7268

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ...

Vulnerability Description

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops with BIOS A16 or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by triggering a soft reset and booting from an alternative OS, aka a "Forced Restart Attack."

CVSS Score

4.2

MEDIUM

CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Samsung850 Pro Firmware-
Samsung850 Pro-
SamsungPm851 Firmware-
SamsungPm851-
SeagateSt500Lt015 Firmware-
SeagateSt500Lt015-
SeagateSt500Lt025 Firmware-
SeagateSt500Lt025-

Related Weaknesses (CWE)

CWE-254

References

FAQ

What is CVE-2015-7268?

CVE-2015-7268 is a vulnerability with a CVSS score of 4.2 (MEDIUM). Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ...

How severe is CVE-2015-7268?

CVE-2015-7268 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7268?

Check the references section above for vendor advisories and patch information. Affected products include: Samsung 850 Pro Firmware, Samsung 850 Pro, Samsung Pm851 Firmware, Samsung Pm851, Seagate St500Lt015 Firmware.