Description
Western Digital SanDisk X300, X300s, X400, and X600 devices: A vulnerability in the wear-leveling algorithm of the drive may cause cryptographically sensitive parameters (such as data encryption keys) to remain on the drive media after their intended erasure.
References (3)
Core 3
Core References
Not Applicable x_refsource_misc
https://support.wdc.com/downloads.aspx?g=907&lang=en
Broken Link x_refsource_misc
https://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-s
Vendor Advisory x_refsource_misc
https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd
Scores
CVSS v3
5.5
EPSS
0.0019
EPSS Percentile
9.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
Status
published
Products (50)
westerndigital/sandisk_x300_sd7sb6s-128g_firmware
westerndigital/sandisk_x300_sd7sb6s-256g_firmware
westerndigital/sandisk_x300_sd7sb7s-010t_firmware
westerndigital/sandisk_x300_sd7sb7s-512g_firmware
westerndigital/sandisk_x300_sd7sf6s-128g_firmware
westerndigital/sandisk_x300_sd7sf6s-256g_firmware
westerndigital/sandisk_x300_sd7sf6s-512g_firmware
westerndigital/sandisk_x300_sd7sn6s-128g_firmware
westerndigital/sandisk_x300_sd7sn6s-256g_firmware
westerndigital/sandisk_x300_sd7sn6s-512g_firmware
... and 40 more
Published
Mar 10, 2020
Tracked Since
Feb 18, 2026