PT-2012-5563 · Sophos · Sophos SafeGuard Enterprise

Published: 2012-08-29 · Updated: 2017-08-29 · CVE-2012-4736

CVSS v2.0: 3.3 (Low)

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Sophos SafeGuard Enterprise version 6.0

Description

The issue arises when a volume-based encryption policy is enabled in conjunction with a user-defined key in the Device Encryption Client component. This configuration fails to properly block the use of exFAT USB flash drives, making it easier for local users to bypass intended access restrictions. Users can exploit this by copying sensitive information to a drive via multiple removal and reattach operations.

Recommendations

For Sophos SafeGuard Enterprise version 6.0, consider disabling the use of exFAT USB flash drives or restricting access to sensitive information until a proper fix is applied. As a temporary workaround, restrict the ability to remove and reattach USB drives to minimize the risk of exploitation.

Fix

Weakness Enumeration

Related Identifiers

CVE-2012-4736

Affected Products

Sophos SafeGuard Enterprise