Vulnerabilities > CVE-2015-7268 - 7PK - Security Features vulnerability in multiple products

CVSS 4.2 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

high complexity

samsung

seagate

CWE-254

NVD

Published: 2017-11-27

Updated: 2017-12-20

Summary

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops with BIOS A16 or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by triggering a soft reset and booting from an alternative OS, aka a "Forced Restart Attack."

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung 850 PRO Firmware - Samsung Pm851 Firmware -	2
OS	Seagate Seagate St500Lt015 Firmware - Seagate St500Lt025 Firmware -	2
Hardware	Samsung Samsung 850 PRO - Samsung Pm851 -	2
Hardware	Seagate Seagate St500Lt015 - Seagate St500Lt025 -	2

Common Weakness Enumeration (CWE)

CWE-254 - 7PK - Security Features

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References