CVE-2019-10705
HIGHWesterndigital Sandisk X600 Sd9tb8w-1... - Insufficiently Protected Credentials
Title source: ruleDescription
Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials.
References (3)
Scores
CVSS v3
7.5
EPSS
0.0035
EPSS Percentile
56.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-522
Status
published
Affected Products (20)
westerndigital/sandisk_x600_sd9tb8w-128g_firmware
< x6112100
westerndigital/sandisk_x600_sd9tb8w-256g_firmware
< x6112100
westerndigital/sandisk_x600_sd9tb8w-512g_firmware
< x6112100
westerndigital/sandisk_x600_sd9tb8w-1t00_firmware
< x6112100
westerndigital/sandisk_x600_sd9tb8w-2t00_firmware
< x6112100
westerndigital/sandisk_x600_sd9tn8w-128g_firmware
< x6112100
westerndigital/sandisk_x600_sd9tn8w-256g_firmware
< x6112100
westerndigital/sandisk_x600_sd9tn8w-512g_firmware
< x6112100
westerndigital/sandisk_x600_sd9tn8w-1t00_firmware
< x6112100
westerndigital/sandisk_x600_sd9tn8w-2t00_firmware
< x6112100
westerndigital/sandisk_x600_sd9sb8w-128g_firmware
< x6112100
westerndigital/sandisk_x600_sd9sb8w-256g_firmware
< x6112100
westerndigital/sandisk_x600_sd9sb8w-512g_firmware
< x6112100
westerndigital/sandisk_x600_sd9sb8w-1t00_firmware
< x6112100
westerndigital/sandisk_x600_sd9sb8w-2t00_firmware
< x6112100
... and 5 more
Timeline
Published
Mar 10, 2020
Tracked Since
Feb 18, 2026