CVE-2020-13799

Name of the Vulnerable Software and Affected Versions Western Digital iNAND devices through 2020-06-03

Description A security issue has been identified in the Replay Protected Memory Block (RPMB) protocol, which is used by storage devices to secure trusted firmware. This issue can be exploited in several scenarios, potentially allowing an attacker to affect the RPMB state without the knowledge of the trusted component. The issue can lead to authentication bypass via a capture-replay attack.

Recommendations For Western Digital iNAND devices through 2020-06-03, as a temporary workaround, consider restricting access to the RPMB feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.