CVE-2010-0222

2010-01-0719:00:00

mitre

www.cve.org

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

20.6%

JSON

Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.

References

blogs.zdnet.com/hardware/?p=6655

it.slashdot.org/story/10/01/05/1734242/

news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm

www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html

www.kingston.com/driveupdate/

www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf

www.syss.de/index.php?id=108&tx_ttnews%5Btt_news%5D=528&cHash=8d16fa63d9

www.vupen.com/english/advisories/2010/0080

www.ironkey.com/usb-flash-drive-flaw-exposed