Vulnerability Details : CVE-2010-0228
Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Exploit prediction scoring system (EPSS) score for CVE-2010-0228
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 12 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-0228
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
CWE ids for CVE-2010-0228
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0228
-
http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html
NIST-certified USB Flash drives with hardware encryption cracked - The H Security: News and Features
-
http://it.slashdot.org/story/10/01/05/1734242/
Encryption Cracked On NIST-Certified Flash Drives - Slashdot
-
http://www.verbatim.com/security/security-update.cfm
Verbatim Europa - Verbruiksartikelen voor gegevensopslag, imaging en computersVendor Advisory
-
http://blogs.zdnet.com/hardware/?p=6655
Blogs | ZDNet
-
https://www.ironkey.com/usb-flash-drive-flaw-exposed
404 Not Found
Products affected by CVE-2010-0228
- cpe:2.3:h:verbatim:corporate_secure:*:*:fips:*:*:*:*:*
- cpe:2.3:h:verbatim:corporate_secure:*:*:*:*:*:*:*:*