Seagate ST500LT015 Local Security Restriction Bypass Vulnerability (CVE-2015-7269)
Seagate ST500LT015 Local Security Restriction Bypass Vulnerability (CVE-2015-7269)
Release date:
Updated on:
Affected Systems:
Seagate Technology LLC ST500LT015
Description:
Bugtraq id: 102266
CVE (CAN) ID: CVE-2015-7269
Seagate is the world's largest manufacturer of hard drives, disks, and read/write heads.
When the Seagate ST500LT015 hard drive runs in eDrive mode of Lenovo ThinkPad W541, a security vulnerability exists, allowing attackers close to physical locations to bypass SED protection.
<* Source: vendor
*>
Suggestion:
Vendor patch:
Seagate Technology LLC
----------------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf
Https://www.seagate.com
Https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html