CVE-2008-7020
McAfee SafeBoot Device Encryption 4 build 4750 and earlier - Information Disclosure via BIOS Keyboard Buffer
Title source: llmDescription
McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45275
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31903
Various Sources x_refsource_misc
http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
Various Sources x_refsource_misc
http://www.ivizsecurity.com/security-advisory-iviz-sr-08010.html
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2008/Sep/0378.html
Scores
EPSS
0.0003
EPSS Percentile
10.5%
Details
CWE
CWE-310
Status
published
Products (1)
mcafee/safeboot_device_encryption
4
Published
Aug 21, 2009
Tracked Since
Feb 18, 2026