CVE-2010-0222 : Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Editio

Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.

Published 2010-01-07 19:30:00

Updated 2018-08-13 21:47:35

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2010-0222

Probability of exploitation activity in the next 30 days: 0.05%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 18 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-0222

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2010-0222

CWE-310

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-0222

http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html

NIST-certified USB Flash drives with hardware encryption cracked - The H Security: News and Features

CVEs referencing this url
http://www.vupen.com/english/advisories/2010/0080

Webmail | OVH- OVH

CVEs referencing this url
http://it.slashdot.org/story/10/01/05/1734242/

Encryption Cracked On NIST-Certified Flash Drives - Slashdot

CVEs referencing this url
http://blogs.zdnet.com/hardware/?p=6655

Blogs | ZDNet

CVEs referencing this url
https://www.ironkey.com/usb-flash-drive-flaw-exposed

404 Not Found

CVEs referencing this url
http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf

Fehler 404 - Seite nicht gefunden

CVEs referencing this url
http://www.kingston.com/driveupdate/

404 Not Found
Vendor Advisory

CVEs referencing this url
http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm

Technology News, Analysis, Comments and Product Reviews for IT Professionals | ZDNet

CVEs referencing this url
http://www.syss.de/index.php?id=108&tx_ttnews[tt_news]=528&cHash=8d16fa63d9

Page Not Found

CVEs referencing this url

Products affected by CVE-2010-0222

Kingston » Datatraveler Blackbox
cpe:2.3:h:kingston:datatraveler_blackbox:*:*:*:*:*:*:*:*
Matching versions
Kingston » Datatraveler Secure » Privacy Edition
cpe:2.3:h:kingston:datatraveler_secure:*:*:privacy:*:*:*:*:*
Matching versions
Kingston » Datatraveler Elite » Privacy Edition
cpe:2.3:h:kingston:datatraveler_elite:*:*:privacy:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2010-0222

Exploit prediction scoring system (EPSS) score for CVE-2010-0222

CVSS scores for CVE-2010-0222

CWE ids for CVE-2010-0222

References for CVE-2010-0222

Products affected by CVE-2010-0222