Vulnerability Description
The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device running the same version of the software, and does not appear to be changed with each new build. It is possible to reconstruct the decryption process using the hardcoded key material and obtain easy access to otherwise protected data.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cellebrite | Ufed Firmware | >= 5.0, <= 7.5.0.845 |
| Cellebrite | Ufed | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/158254/Cellebrite-EPR-Decryption-Hardcoded-ExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2020/Jun/31ExploitMailing ListThird Party Advisory
- https://korelogic.com/Resources/Advisories/KL-001-2020-003.txtExploitThird Party Advisory
- http://packetstormsecurity.com/files/158254/Cellebrite-EPR-Decryption-Hardcoded-ExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2020/Jun/31ExploitMailing ListThird Party Advisory
- https://korelogic.com/Resources/Advisories/KL-001-2020-003.txtExploitThird Party Advisory
FAQ
What is CVE-2020-14474?
CVE-2020-14474 is a vulnerability with a CVSS score of 7.5 (HIGH). The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves ...
How severe is CVE-2020-14474?
CVE-2020-14474 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-14474?
Check the references section above for vendor advisories and patch information. Affected products include: Cellebrite Ufed Firmware, Cellebrite Ufed.