← back
CVE-2019-10706

CVE-2019-10706

EPSS 0.3%
Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to other devices.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.wdc.com/cat_products.aspx?ID=6&lang=enhttps://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssdhttps://www.westerndigital.com/support/productsecurity/wdc-19007-sandisk-x300-x400-sata-ssd