CVE-2015-7267

low-risk
Published 2017-11-27

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack."

Do I need to act?

-
0.06% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.2/10 Medium
PHYSICAL / HIGH complexity

Affected Products (4)

850 Pro Firmware
Pm851 Firmware
St500Lt015 Firmware
St500Lt025 Firmware

Affected Vendors

Samsung Seagate

References (4)

Technical Description https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encry...
Technical Description https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-...
Technical Description https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encry...
Technical Description https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-...
21
/ 100
low-risk
Severity 11/34 · Low
Exploitability 0/34 · Minimal
Exposure 10/34 · Low