#VU15756 Information disclosure in 850 EVO - CVE-2018-12038

Cybersecurity Help s.r.o.

Published: 2018-11-07

Vulnerability identifier: #VU15756

Vulnerability risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-12038

CWE-ID: CWE-200

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
850 EVO
Client/Desktop applications / Software for system administration

Vendor: Samsung

Description
The vulnerability allows a physical attacker to obtain potentially sensitive information on the target system.

The weakness exists due to key information is stored within a wear-leveled storage chip. A physical attacker can update a key with a new password and access previous version of the key (either unprotected, or with an old password), negating the need to know the updated password.

Mitigation
Install updates for the vulnerable products from vendors' websites.

Vulnerable software versions

850 EVO: All versions

External links
https://www.kb.cert.org/vuls/id/395981/

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in self-encrypting drives Micron and Samsung