Vulnerabilities (CVE)

Filtered by vendor Westerndigital Subscribe
Filtered by product Sandisk X300 Sd7sb6s-128g
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11686 1 Westerndigital 118 Sandisk X300 Sd7sb6s-128g, Sandisk X300 Sd7sb6s-128g Firmware, Sandisk X300 Sd7sb6s-256g and 115 more 2024-11-21 2.1 LOW 5.5 MEDIUM
Western Digital SanDisk X300, X300s, X400, and X600 devices: A vulnerability in the wear-leveling algorithm of the drive may cause cryptographically sensitive parameters (such as data encryption keys) to remain on the drive media after their intended erasure.
CVE-2019-10706 1 Westerndigital 118 Sandisk X300 Sd7sb6s-128g, Sandisk X300 Sd7sb6s-128g Firmware, Sandisk X300 Sd7sb6s-256g and 115 more 2024-11-21 6.3 MEDIUM 6.3 MEDIUM
Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to other devices.