Unrated severityNVD Advisory· Published Jan 7, 2010· Updated Apr 23, 2026

CVE-2010-0223

Description

Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.

Affected products

Kingston/Datatraveler Blackbox
cpe:2.3:h:kingston:datatraveler_blackbox:*:*:*:*:*:*:*:*
Kingston/Datatraveler Elite
cpe:2.3:h:kingston:datatraveler_elite:*:*:privacy:*:*:*:*:*
Kingston/Datatraveler Secure
cpe:2.3:h:kingston:datatraveler_secure:*:*:privacy:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kingston.com/driveupdate/nvdVendor Advisory
www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdfnvd
www.syss.de/index.phpnvd
www.vupen.com/english/advisories/2010/0080nvd
www.ironkey.com/usb-flash-drive-flaw-exposednvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000