CVE-2018-12037
First published: Tue Nov 20 2018(Updated: )
An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. Absence of a cryptographic link between the password and the Disk Encryption Key allows attackers with privileged access to SSD firmware full access to encrypted data.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung 840 Evo Firmware | ||
| Samsung 840 EVO | ||
| Samsung 850 Evo Firmware | ||
| Samsung 850 Evo | ||
| Samsung T3 Firmware | ||
| Samsung T3 | ||
| Samsung T5 Firmware | ||
| Samsung T5 | ||
| Micron Crucial Mx100 Firmware | ||
| Micron Crucial Mx100 | ||
| Micron Crucial Mx200 Firmware | ||
| Micron Crucial Mx200 | ||
| Micron Crucial Mx300 Firmware | ||
| Micron Crucial Mx300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/samsung
- canonical/samsung 840 evo firmware
- canonical/samsung 840 evo
- canonical/samsung 850 evo firmware
- canonical/samsung 850 evo
- canonical/samsung t3 firmware
- canonical/samsung t3
- canonical/samsung t5 firmware
- canonical/samsung t5
- vendor/micron
- canonical/micron crucial mx100 firmware
- canonical/micron crucial mx100
- canonical/micron crucial mx200 firmware
- canonical/micron crucial mx200
- canonical/micron crucial mx300 firmware
- canonical/micron crucial mx300