Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-28384

Опубликовано: 08 июн. 2022
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428 and Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:verbatim:keypad_secure_usb_3.2_gen_1_firmware:*:*:*:*:*:*:*:*
Версия до 2022-03-31 (включая)
cpe:2.3:h:verbatim:keypad_secure_usb_3.2_gen_1:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:verbatim:store_\'n\'_go_secure_portable_hdd_firmware:*:*:*:*:*:*:*:*
Версия до 2022-03-31 (включая)
cpe:2.3:h:verbatim:store_\'n\'_go_secure_portable_hdd:-:*:*:*:*:*:*:*

EPSS

Процентиль: 29%
0.00104
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-307

Связанные уязвимости

github логотип

GHSA-c8xv-5vhv-hv2h

CVSS3: 5.5
github
больше 3 лет назад

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428 and Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0.

EPSS

Процентиль: 29%
0.00104
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-307