PT-2007-3367 · Secustick · Secustick Usb Flash Drive

Published

2007-04-13

Updated

2008-11-13

CVE-2007-2023

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Secustick USB flash drive (affected versions not specified)

Description The issue concerns the USB20.dll in the Secustick USB flash drive, where the authorization and file access routines are decoupled. This decoupling allows local users to bypass authentication requirements. The bypass is achieved by altering the return value of the VerifyPassWord function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2023

Affected Products

Secustick Usb Flash Drive

PT-2007-3367 · Secustick · Secustick Usb Flash Drive

CVE-2007-2023

Related Identifiers

Affected Products

References · 4