← Back

CVE-2015-7267

nvd nist
Published: Nov 27, 2017Modified: May 13, 2026

JSON object

Loading...
4.2
Vector
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 0.5 / Impact: 3.6
Source: NVD

Description

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack."

Affected (4)

Samsung
2 products
850 Pro Firmware
Pm851 Firmware
Seagate
2 products
St500lt015 Firmware
St500lt025 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
850 Pro Firmware
All versions
Running on/withPlatform Versions
Samsung
850 Pro
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Pm851 Firmware
All versions
Running on/withPlatform Versions
Samsung
Pm851
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
St500lt015 Firmware
All versions
Running on/withPlatform Versions
Seagate
St500lt015
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
St500lt025 Firmware
All versions
Running on/withPlatform Versions
Seagate
St500lt025
All versions

Related CWEs

CWE-254
CWE-254

References (4)

Source: cret@cert.org
Technical DescriptionThird Party Advisory
Source: cret@cert.org
Technical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Technical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Technical DescriptionThird Party Advisory

Timeline

No history available yet.