CVE-2021-28653

The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave support but lacks biometric authentication hardware.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:westerndigital:armorlock:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:westerndigital:armorlock:*:*:*:*:*:macos:*:*

History

21 Nov 2024, 06:00

Type Values Removed Values Added
References () https://www.westerndigital.com/support/productsecurity/wdc-21003-armorLock-insecure-key-storage-vulnerability - Vendor Advisory () https://www.westerndigital.com/support/productsecurity/wdc-21003-armorLock-insecure-key-storage-vulnerability - Vendor Advisory

27 Aug 2021, 14:55

Type Values Removed Values Added
CPE cpe:2.3:a:westerndigital:armorlock:*:*:*:*:*:mac_os:*:* cpe:2.3:a:westerndigital:armorlock:*:*:*:*:*:macos:*:*

Information

Published : 2021-03-19 00:15

Updated : 2024-11-21 06:00


NVD link : CVE-2021-28653

Mitre link : CVE-2021-28653

CVE.ORG link : CVE-2021-28653


JSON object : View

Products Affected

westerndigital

  • armorlock
CWE
CWE-922

Insecure Storage of Sensitive Information