Sign-up

ID

VAR-201811-0025


CVE

CVE-2018-12038


TITLE

Self-encrypting hard drives do not adequately protect data

Trust: 0.8

sources: CERT/CC: VU#395981

DESCRIPTION

An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key. ATA Security mode and TCG OPAL There are multiple vulnerabilities in the self-encrypting drive product that implements the standard, which could allow the attacker to decrypt the contents of the encrypted drive. CVE-2018-12037 There is no cryptographic association between the password set by the user and the encryption key used for data encryption. This makes it possible to decrypt data without knowing the user-set password. CVE-2018-12038 Information about the data encryption key is recorded in a storage area with a wear leveling function. On devices with wear leveling, when data is updated, the data is written to a physically different location, so the original data may not be completely deleted. As a result, even after updating the data encryption key with a new password, there is a possibility of accessing the previous data encryption key that is not protected or protected with an old password.An attacker with physical access to a product affected by this vulnerability could decrypt the encrypted data. Self-Encrypting Drives are prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Samsung 840 EVO is a hard disk drive made by South Korea's Samsung (Samsung). , which may result in writing to different physical areas. An attacker in physical proximity could exploit this vulnerability to obtain passwords

Trust: 2.7

sources: NVD: CVE-2018-12038 // CERT/CC: VU#395981 // JVNDB: JVNDB-2018-009133 // BID: 105841 // VULHUB: VHN-121957

AFFECTED PRODUCTS

vendor:samsungmodel:840 evoscope:eqversion: -

Trust: 1.6

vendor:lenovomodel: - scope: - version: -

Trust: 0.8

vendor:micronmodel: - scope: - version: -

Trust: 0.8

vendor:microsoftmodel: - scope: - version: -

Trust: 0.8

vendor:samsung semiconductormodel: - scope: - version: -

Trust: 0.8

vendor:sandiskmodel: - scope: - version: -

Trust: 0.8

vendor:western digitalmodel: - scope: - version: -

Trust: 0.8

vendor:micronmodel:crucial mx100 drivescope:eqversion:(cve-2018-12037)

Trust: 0.8

vendor:micronmodel:crucial mx200 drivescope:eqversion:(cve-2018-12037)

Trust: 0.8

vendor:micronmodel:crucial mx300 drivescope:eqversion:(cve-2018-12037)

Trust: 0.8

vendor:samsungmodel:840 evo drivescope:eqversion:(cve-2018-12037)(cve-2018-12038)

Trust: 0.8

vendor:samsungmodel:850 evo drivescope:eqversion:(ata high it is affected in the case of mode. tcg mode or ata max the mode is not affected. )(cve-2018-12037)

Trust: 0.8

vendor:samsungmodel:portable drivescope:eqversion:t3 (cve-2018-12037)

Trust: 0.8

vendor:samsungmodel:portable drivescope:eqversion:t5 (cve-2018-12037)

Trust: 0.8

vendor:samsungmodel:evo drivesscope:eqversion:8400

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:20190

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:20160

Trust: 0.3

vendor:microsoftmodel:windows server r2scope:eqversion:20120

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:20120

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:18030

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:17090

Trust: 0.3

vendor:microsoftmodel:windows rtscope:eqversion:8.1

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systemsscope:eqversion:8.10

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systemsscope:eqversion:8.10

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1018090

Trust: 0.3

vendor:microsoftmodel:windows version for arm64-based systemsscope:eqversion:1018090

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1018090

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1018030

Trust: 0.3

vendor:microsoftmodel:windows version for arm64-based systemsscope:eqversion:1018030

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1018030

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1017090

Trust: 0.3

vendor:microsoftmodel:windows version for arm64-based systemsscope:eqversion:1017090

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1017090

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1017030

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1017030

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1016070

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1016070

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systemsscope:eqversion:100

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systemsscope:eqversion:100

Trust: 0.3

sources: CERT/CC: VU#395981 // BID: 105841 // JVNDB: JVNDB-2018-009133 // CNNVD: CNNVD-201811-170 // NVD: CVE-2018-12038

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-12038
value: MEDIUM

Trust: 1.0

JPCERT/CC: JVNDB-2018-009133
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201811-170
value: MEDIUM

Trust: 0.6

VULHUB: VHN-121957
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-12038
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

JPCERT/CC: JVNDB-2018-009133
severity: MEDIUM
baseScore: 6.3
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-121957
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-12038
baseSeverity: MEDIUM
baseScore: 4.2
vectorString: CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: PHYSICAL
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 0.5
impactScore: 3.6
version: 3.0

Trust: 1.0

JPCERT/CC: JVNDB-2018-009133
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-121957 // JVNDB: JVNDB-2018-009133 // CNNVD: CNNVD-201811-170 // NVD: CVE-2018-12038

PROBLEMTYPE DATA

problemtype:CWE-522

Trust: 1.1

problemtype:CWE-320

Trust: 0.1

sources: VULHUB: VHN-121957 // NVD: CVE-2018-12038

THREAT TYPE

local

Trust: 0.9

sources: BID: 105841 // CNNVD: CNNVD-201811-170

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201811-170

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-009133

PATCH
title:SSD Supporturl:http://www.crucial.com/usa/en/support-ssd-firmware
Trust: 0.8
title:BitLocker Group Policy Settingsurl:https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings
Trust: 0.8
title:Consumer Notice regarding Samsung SSDsurl:https://www.samsung.com/semiconductor/minisite/ssd/support/consumer-notice/
Trust: 0.8
title:Samsung Self-Encrypting Drives Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86643
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-009133 // 
            
            
            
            CNNVD: CNNVD-201811-170

EXTERNAL IDS
db:CERT/CCid:VU#395981
Trust: 3.6
db:NVDid:CVE-2018-12038
Trust: 2.8
db:BIDid:105841
Trust: 2.0
db:LENOVOid:LEN-25256
Trust: 1.4
db:JVNid:JVNVU90149383
Trust: 0.8
db:JVNDBid:JVNDB-2018-009133
Trust: 0.8
db:CNNVDid:CNNVD-201811-170
Trust: 0.7
db:VULHUBid:VHN-121957
Trust: 0.1
sources:
            
            
            CERT/CC: VU#395981 // 
            
            
            
            VULHUB: VHN-121957 // 
            
            
            
            BID: 105841 // 
            
            
            
            JVNDB: JVNDB-2018-009133 // 
            
            
            
            CNNVD: CNNVD-201811-170 // 
            
            
            
            NVD: CVE-2018-12038

REFERENCES
url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180028
Trust: 2.8
url:https://www.westerndigital.com/support/productsecurity/wdc-19006-sandisk-x600-sata-ssd
Trust: 2.4
url:https://support.lenovo.com/us/en/product_security/len-25256
Trust: 2.2
url:http://www.securityfocus.com/bid/105841
Trust: 1.7
url:http://www.kb.cert.org/vuls/id/395981
Trust: 1.7
url:https://security.netapp.com/advisory/ntap-20181112-0001/
Trust: 1.7
url:https://www.ru.nl/english/news-agenda/news/vm/icis/cyber-security/2018/radboud-university-researchers-discover-security/
Trust: 1.6
url:https://www.ncsc.nl/dienstverlening/response-op-dreigingen-en-incidenten/beveiligingsadviezen/ncsc-2018-0984+1.00+meerdere+kwetsbaarheden+ontdekt+in+implementaties+self-encrypting+drives.html
Trust: 1.6
url:https://www.ru.nl/publish/pages/909282/draft-paper.pdf
Trust: 0.8
url:https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj679890(v=ws.11)#configure-use-of-hardware-based-encryption-for-fixed-data-drives
Trust: 0.8
url:https://www.samsung.com/semiconductor/minisite/ssd/support/consumer-notice/
Trust: 0.8
url:https://www.crucial.com/usa/en/support-ssd-firmware/
Trust: 0.8
url:https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-hdefxd
Trust: 0.8
url:https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-hdeosd
Trust: 0.8
url:https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-hderdd
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12037
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12038
Trust: 0.8
url:https://jvn.jp/vu/jvnvu90149383/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12037
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12038
Trust: 0.8
url:https://kb.cert.org/vuls/id/395981/
Trust: 0.8
url:http://www.crucial.com
Trust: 0.3
url:http://www.microsoft.com
Trust: 0.3
url:http://www.samsung.com/
Trust: 0.3
url:https://www.ru.nl/publish/pages/909275/draft-paper_1.pdf
Trust: 0.3
url:https://www.kb.cert.org/vuls/id/395981/
Trust: 0.3
sources:
            
            
            CERT/CC: VU#395981 // 
            
            
            
            VULHUB: VHN-121957 // 
            
            
            
            BID: 105841 // 
            
            
            
            JVNDB: JVNDB-2018-009133 // 
            
            
            
            CNNVD: CNNVD-201811-170 // 
            
            
            
            NVD: CVE-2018-12038

CREDITS
Carlo Meijer and Bernard van Gastel from the Dutch Radboud University
Trust: 0.3
sources:
            
            
            BID: 105841

SOURCES
db:CERT/CCid:VU#395981
db:VULHUBid:VHN-121957
db:BIDid:105841
db:JVNDBid:JVNDB-2018-009133
db:CNNVDid:CNNVD-201811-170
db:NVDid:CVE-2018-12038

LAST UPDATE DATE
2024-08-14T14:19:03.326000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#395981date:2019-11-14T00:00:00
db:VULHUBid:VHN-121957date:2020-08-24T00:00:00
db:BIDid:105841date:2018-11-06T00:00:00
db:JVNDBid:JVNDB-2018-009133date:2019-08-06T00:00:00
db:CNNVDid:CNNVD-201811-170date:2020-10-23T00:00:00
db:NVDid:CVE-2018-12038date:2020-08-24T17:37:01.140

SOURCES RELEASE DATE
db:CERT/CCid:VU#395981date:2018-11-06T00:00:00
db:VULHUBid:VHN-121957date:2018-11-20T00:00:00
db:BIDid:105841date:2018-11-06T00:00:00
db:JVNDBid:JVNDB-2018-009133date:2018-11-08T00:00:00
db:CNNVDid:CNNVD-201811-170date:2018-11-08T00:00:00
db:NVDid:CVE-2018-12038date:2018-11-20T19:29:00.353