Search criteria
3 vulnerabilities found for cruzer_enterprise_firmware by sandisk
FKIE_CVE-2010-0225
Vulnerability from fkie_nvd - Published: 2010-01-07 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sandisk | cruzer_enterprise_firmware | - | |
| sandisk | cruzer_enterprise | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sandisk:cruzer_enterprise_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA15FFAF-2079-474F-BCC6-2753C235A95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sandisk:cruzer_enterprise:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B40829F-FB39-46EE-9F6B-1B8EC120634E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
},
{
"lang": "es",
"value": "Los dispositivos flash USB SanDisk Cruzer Enterprise utilizan una soluci\u00f3n de clave de 256-bit para obtener acceso al contenido del dispositivo en texto plano, lo que hace m\u00e1s f\u00e1cil a atacantes f\u00edsicamente pr\u00f3ximos leer o modificar informaci\u00f3n determinando y proporcionando esta clave."
}
],
"id": "CVE-2010-0225",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-01-07T19:30:00.607",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2010-0225 (GCVE-0-2010-0225)
Vulnerability from cvelistv5 – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI?
Summary
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-03-26T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009",
"refsource": "MISC",
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"name": "http://it.slashdot.org/story/10/01/05/1734242/",
"refsource": "MISC",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html",
"refsource": "MISC",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"name": "http://blogs.zdnet.com/hardware/?p=6655",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37677"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0225",
"datePublished": "2010-01-07T19:00:00",
"dateReserved": "2010-01-07T00:00:00",
"dateUpdated": "2024-08-07T00:45:11.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0225 (GCVE-0-2010-0225)
Vulnerability from nvd – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI?
Summary
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-03-26T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37677"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009",
"refsource": "MISC",
"url": "http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009"
},
{
"name": "http://it.slashdot.org/story/10/01/05/1734242/",
"refsource": "MISC",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html",
"refsource": "MISC",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"name": "http://blogs.zdnet.com/hardware/?p=6655",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf"
},
{
"name": "ADV-2010-0078",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0078"
},
{
"name": "37677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37677"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0225",
"datePublished": "2010-01-07T19:00:00",
"dateReserved": "2010-01-07T00:00:00",
"dateUpdated": "2024-08-07T00:45:11.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}