CVE-2022-23005

Name of the Vulnerable Software and Affected Versions Western Digital UFS Host Boot ROM (affected versions not specified)

Description A weakness has been identified in the UFS standard that could result in a security issue. This issue may exist in systems where the Host boot ROM code implements the UFS Boot feature to boot from UFS compliant storage devices. The UFS Boot feature is provided by UFS devices to support platforms that need to download the system boot loader from external non-volatile storage locations. Adversaries may disable the boot capability or revert to an old boot loader code if the host boot ROM code is improperly implemented. UFS Host Boot ROM implementers may be impacted by this issue. UFS devices are only impacted when connected to a vulnerable UFS Host and are not independently impacted by this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.