Description
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes.
References (1)
Core 1
Core References
Various Sources x_refsource_misc
https://medium.com/%40esterling_/cve-2017-16560-sandisk-secure-access-leaves-plain-text-copies-of-files-on-disk-4eabeca6bdbc
Scores
CVSS v3
4.3
EPSS
0.0042
EPSS Percentile
33.3%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-922
Status
published
Products (1)
sandisk/secureaccess
3.01
Published
Nov 16, 2017
Tracked Since
Feb 18, 2026