Security Advisory

CVE-2019-10706

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-10 12:45:10

Last updated 2024-08-04 22:32:01

Assigner mitre

State PUBLISHED

Description

Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to other devices.

← Browse all CVEs View on cve.org ↗