CVE-2019-10705

Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-128g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-128g:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-256g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-256g:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-512g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-512g:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-1t00_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-1t00:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-2t00_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-2t00:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-128g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-128g:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-256g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-256g:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-512g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-512g:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-1t00_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-1t00:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-2t00_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-2t00:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-128g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-128g:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-256g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-256g:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-512g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-512g:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-1t00_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-1t00:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-2t00_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-2t00:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-128g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-128g:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-256g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-256g:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-512g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-512g:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-1t00_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-1t00:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-2t00_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-2t00:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:19

Type Values Removed Values Added
References () https://support.wdc.com/cat_products.aspx?ID=6&lang=en - Product, Vendor Advisory () https://support.wdc.com/cat_products.aspx?ID=6&lang=en - Product, Vendor Advisory
References () https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd - Vendor Advisory () https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd - Vendor Advisory
References () https://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-ssd - Not Applicable () https://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-ssd - Not Applicable

Information

Published : 2020-03-10 15:15

Updated : 2024-11-21 04:19


NVD link : CVE-2019-10705

Mitre link : CVE-2019-10705

CVE.ORG link : CVE-2019-10705


JSON object : View

Products Affected

westerndigital

  • sandisk_x600_sd9tn8w-512g
  • sandisk_x600_sd9sb8w-1t00
  • sandisk_x600_sd9tb8w-256g
  • sandisk_x600_sd9sb8w-2t00
  • sandisk_x600_sd9tb8w-1t00
  • sandisk_x600_sd9tb8w-512g
  • sandisk_x600_sd9tb8w-512g_firmware
  • sandisk_x600_sd9sn8w-1t00_firmware
  • sandisk_x600_sd9tb8w-2t00_firmware
  • sandisk_x600_sd9sn8w-128g
  • sandisk_x600_sd9tn8w-1t00
  • sandisk_x600_sd9sb8w-128g_firmware
  • sandisk_x600_sd9sb8w-512g
  • sandisk_x600_sd9tn8w-256g_firmware
  • sandisk_x600_sd9sb8w-256g_firmware
  • sandisk_x600_sd9sb8w-2t00_firmware
  • sandisk_x600_sd9sn8w-1t00
  • sandisk_x600_sd9sb8w-1t00_firmware
  • sandisk_x600_sd9tn8w-256g
  • sandisk_x600_sd9tn8w-128g_firmware
  • sandisk_x600_sd9tn8w-128g
  • sandisk_x600_sd9tb8w-256g_firmware
  • sandisk_x600_sd9sn8w-512g_firmware
  • sandisk_x600_sd9sn8w-2t00_firmware
  • sandisk_x600_sd9sb8w-512g_firmware
  • sandisk_x600_sd9sb8w-256g
  • sandisk_x600_sd9tb8w-2t00
  • sandisk_x600_sd9tb8w-1t00_firmware
  • sandisk_x600_sd9tn8w-1t00_firmware
  • sandisk_x600_sd9sn8w-256g
  • sandisk_x600_sd9tb8w-128g
  • sandisk_x600_sd9tb8w-128g_firmware
  • sandisk_x600_sd9sb8w-128g
  • sandisk_x600_sd9sn8w-128g_firmware
  • sandisk_x600_sd9sn8w-2t00
  • sandisk_x600_sd9sn8w-512g
  • sandisk_x600_sd9tn8w-2t00_firmware
  • sandisk_x600_sd9sn8w-256g_firmware
  • sandisk_x600_sd9tn8w-512g_firmware
  • sandisk_x600_sd9tn8w-2t00
CWE
CWE-522

Insufficiently Protected Credentials