Vulnerability Details : CVE-2010-0222
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Exploit prediction scoring system (EPSS) score for CVE-2010-0222
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 18 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-0222
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
CWE ids for CVE-2010-0222
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0222
-
http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html
NIST-certified USB Flash drives with hardware encryption cracked - The H Security: News and Features
-
http://www.vupen.com/english/advisories/2010/0080
Webmail | OVH- OVH
-
http://it.slashdot.org/story/10/01/05/1734242/
Encryption Cracked On NIST-Certified Flash Drives - Slashdot
-
http://blogs.zdnet.com/hardware/?p=6655
Blogs | ZDNet
-
https://www.ironkey.com/usb-flash-drive-flaw-exposed
404 Not Found
-
http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf
Fehler 404 - Seite nicht gefunden
-
http://www.kingston.com/driveupdate/
404 Not FoundVendor Advisory
-
http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm
Technology News, Analysis, Comments and Product Reviews for IT Professionals | ZDNet
-
http://www.syss.de/index.php?id=108&tx_ttnews[tt_news]=528&cHash=8d16fa63d9
Page Not Found
Products affected by CVE-2010-0222
- cpe:2.3:h:kingston:datatraveler_blackbox:*:*:*:*:*:*:*:*
- cpe:2.3:h:kingston:datatraveler_secure:*:*:privacy:*:*:*:*:*
- cpe:2.3:h:kingston:datatraveler_elite:*:*:privacy:*:*:*:*:*