CVE-2022-28387

Name of the Vulnerable Software and Affected Versions Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C version VER1.1 Verbatim Fingerprint Secure Portable Hard Drive Part Number #53650 (affected versions not specified)

Description An issue was discovered in certain Verbatim drives due to an insecure design, allowing them to be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can use an undocumented IOCTL command that retrieves the correct password.

Recommendations For Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C version VER1.1, consider disabling the use of the undocumented IOCTL command until a patch is available. For Verbatim Fingerprint Secure Portable Hard Drive Part Number #53650, at the moment, there is no information about a newer version that contains a fix for this vulnerability.