CVE-2015-7268

Name of the Vulnerable Software and Affected Versions Samsung 850 Pro and PM851 solid-state drives versions (affected versions not specified) Seagate ST500LT015 and ST500LT025 hard disk drives versions (affected versions not specified) Lenovo ThinkPad T440s laptops with BIOS 2.32 Lenovo ThinkPad W541 laptops with BIOS 2.21 Dell Latitude E6410 laptops with BIOS A16 Dell Latitude E6430 laptops with BIOS A16

Description The issue allows physically proximate attackers to bypass self-encrypting drive (SED) protection by triggering a soft reset and booting from an alternative OS, also known as a "Forced Restart Attack." This occurs when the affected devices are used on Windows and operate in Opal mode on Lenovo laptops or in Opal or eDrive mode on Dell laptops.

Recommendations For Samsung 850 Pro and PM851 solid-state drives, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Seagate ST500LT015 and ST500LT025 hard disk drives, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Lenovo ThinkPad T440s laptops with BIOS 2.32, consider updating the BIOS to a version that is not vulnerable, if available. For Lenovo ThinkPad W541 laptops with BIOS 2.21, consider updating the BIOS to a version that is not vulnerable, if available. For Dell Latitude E6410 laptops with BIOS A16, consider updating the BIOS to a version that is not vulnerable, if available. For Dell Latitude E6430 laptops with BIOS A16, consider updating the BIOS to a version that is not vulnerable, if available.