A security vulnerability has been identified in certain Verbatim drives, allowing attackers to manipulate the content of the emulated CD-ROM drive by exploiting missing integrity checks. This could lead to the storage of malicious software on the drive, potentially compromising user data. Here's what you need to know about CVE-2022-28385.
Understanding CVE-2022-28385
This vulnerability affects Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive Part Number #53650.
What is CVE-2022-28385?
An issue in certain Verbatim drives through 2022-03-31 allows attackers to manipulate the content of the emulated CD-ROM drive, potentially storing malicious software on the device, from which it may be executed.
The Impact of CVE-2022-28385
The vulnerability could be exploited by attackers who have temporary physical access to a drive while it is in the supply chain, jeopardizing the security of the user data stored on the affected drives.
Technical Details of CVE-2022-28385
Vulnerability Description
Due to missing integrity checks, attackers can manipulate the ISO-9660 image stored in the hidden sectors of the USB drive, leading to potential execution of malicious software stored on the emulated CD-ROM drive.
Affected Systems and Versions
The Verbatim products Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive Part Number #53650 are impacted by this vulnerability.
Exploitation Mechanism
Attackers can exploit the missing integrity checks to replace the ISO-9660 image with a malicious one, allowing for the execution of unauthorized software from the affected drives.
Mitigation and Prevention
Immediate Steps to Take
Users are advised to be cautious while using the affected Verbatim drives and consider alternative secure storage options until a patch is available.
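Because the drive itself does not check the ISO-9660 image, a recipient can compare the emulated CD-ROM content against a digest recorded from a unit known to be good before running anything from it. The following is an added example, not code from the advisory or from Verbatim; the function names and the reference digest are assumptions, and the sample image is constructed. It hashes only the bytes the Primary Volume Descriptor declares, so trailing padding from a device read does not change the result.

```python
import hashlib
import io
import struct

SECTOR = 2048             # ISO-9660 sector size in bytes
PVD_OFFSET = 16 * SECTOR  # the Primary Volume Descriptor is sector 16

def declared_size(stream):
    """Return the volume length in bytes as declared by the PVD."""
    stream.seek(PVD_OFFSET)
    pvd = stream.read(SECTOR)
    if len(pvd) != SECTOR or pvd[0] != 1 or pvd[1:6] != b"CD001":
        raise ValueError("no ISO-9660 Primary Volume Descriptor at sector 16")
    # Both size fields are stored little- then big-endian; the copies must agree.
    blocks = struct.unpack_from("<I", pvd, 80)[0]
    block_size = struct.unpack_from("<H", pvd, 128)[0]
    if (blocks != struct.unpack_from(">I", pvd, 84)[0]
            or block_size != struct.unpack_from(">H", pvd, 130)[0]):
        raise ValueError("both-endian size fields disagree")
    return blocks * block_size


def image_digest(stream):
    """SHA-256 over exactly the declared volume, ignoring trailing padding."""
    remaining = declared_size(stream)
    stream.seek(0)
    digest = hashlib.sha256()
    while remaining:
        chunk = stream.read(min(remaining, 1 << 20))
        if not chunk:
            raise ValueError("image is shorter than its declared size")
        digest.update(chunk)
        remaining -= len(chunk)
    return digest.hexdigest()


def matches_reference(stream, reference_hex):
    """True if the image hashes to the recorded known-good digest (assumed input)."""
    return image_digest(stream) == reference_hex.lower()


def make_sample(payload, blocks=18, padding=0):
    """Constructed sample image: zeroed sectors, a bare PVD, one payload sector."""
    img = bytearray(blocks * SECTOR + padding)
    img[PVD_OFFSET:PVD_OFFSET + 7] = b"\x01CD001\x01"
    img[PVD_OFFSET + 80:PVD_OFFSET + 88] = struct.pack("<I", blocks) + struct.pack(">I", blocks)
    img[PVD_OFFSET + 128:PVD_OFFSET + 132] = struct.pack("<H", SECTOR) + struct.pack(">H", SECTOR)
    img[17 * SECTOR:17 * SECTOR + len(payload)] = payload
    return io.BytesIO(bytes(img))
```

On a real drive, `stream` would be the emulated CD-ROM device or a dump of it, opened in binary mode. A match only shows that the image equals the reference.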
Long-Term Security Practices
Implementing robust encryption and access control measures can help mitigate the risk of unauthorized access to user data stored on external drives.
Patching and Updates
Stay informed about security advisories and updates from Verbatim to promptly apply patches and enhancements that address the identified vulnerability.