CVE-2015-7267 - OpenCVE

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack."

No CVSS v3.1

Attack Vector Physical

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Samsung	Pm851 Firmware Pm851 850 Pro 850 Pro Firmware
Seagate	St500lt015 St500lt025 St500lt015 Firmware St500lt025 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:samsung:850_pro_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:850_pro:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:samsung:pm851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:pm851:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:seagate:st500lt015_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:seagate:st500lt015:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:seagate:st500lt025_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:seagate:st500lt025:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf	Technical Description Third Party Advisory
https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html	Technical Description Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: certcc

Published: 2017-11-27T22:00:00

Updated: 2017-11-27T21:57:01

Reserved: 2015-09-18T00:00:00

Link: CVE-2015-7267

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-11-27T22:29:00.237

Modified: 2017-12-20T20:45:43.553

Link: CVE-2015-7267

JSON object: View

Redhat Information

No data.

CWE

CWE-254

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-11-02T00:00:00", "descriptions": [{"lang": "en", "value": "Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a \"Hot Plug attack.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-27T21:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2015-7267", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a \"Hot Plug attack.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html", "refsource": "MISC", "url": "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html"}, {"name": "https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf", "refsource": "MISC", "url": "https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2015-7267", "datePublished": "2017-11-27T22:00:00", "dateReserved": "2015-09-18T00:00:00", "dateUpdated": "2017-11-27T21:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:samsung:850_pro_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "32302DB9-927F-4232-88DF-11C134266EBB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:samsung:850_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "811049BE-1584-4E45-A157-1BEDBB74D6C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:samsung:pm851_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9513E12E-A0EF-4789-8D2D-B97032C5A65C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:samsung:pm851:-:*:*:*:*:*:*:*", "matchCriteriaId": "8040B236-B936-4642-8CF7-237CE39EE7F0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:seagate:st500lt015_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "05C36534-C9F5-4FE1-B8C8-5BA6D021C5C7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:seagate:st500lt015:-:*:*:*:*:*:*:*", "matchCriteriaId": "E60BC85A-FE1F-44EB-A049-6EA987C48AE0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:seagate:st500lt025_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B999BEA-6A98-46B5-832F-76231DAA3BEA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:seagate:st500lt025:-:*:*:*:*:*:*:*", "matchCriteriaId": "C625B6AD-4665-42EF-91DD-F45180719768", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a \"Hot Plug attack.\""}, {"lang": "es", "value": "Las unidades de estado s\u00f3lido Samsung 850 Pro y PM851 y las unidades de disco duro Seagate ST500LT015 y ST500LT025, cuando est\u00e1n en modo de espera y operando en modo Opal o eDrive en port\u00e1tiles Lenovo ThinkPad T440s con BIOS 2.32; port\u00e1tiles ThinkPad W541 con BIOS 2.21; port\u00e1tiles Dell Latitude E6410 con BIOS A16; o port\u00e1tiles Latitude E6430 con BIOS A16, permiten que atacantes cercanos f\u00edsicamente omitan la protecci\u00f3n Self-Encrypting Drive (SED) aprovechando el fracaso a la hora de detectar cu\u00e1ndo est\u00e1n desconectados los discos SATA en modo de espera. Esto tambi\u00e9n se conoce como \"Hot Plug attack\"."}], "id": "CVE-2015-7267", "lastModified": "2017-12-20T20:45:43.553", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 0.5, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-27T22:29:00.237", "references": [{"source": "cret@cert.org", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf"}, {"source": "cret@cert.org", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-254"}], "source": "nvd@nist.gov", "type": "Primary"}]}