Medium severity4.2NVD Advisory· Published Nov 27, 2017· Updated Jun 17, 2026
CVE-2015-7267
CVE-2015-7267
Description
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack."
Affected products
12- cpe:2.3:o:samsung:850_pro_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:pm851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:seagate:st500lt015_firmware:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:seagate:st500lt015_firmware:-:*:*:*:*:*:*:*
- (no CPE)
cpe:2.3:o:seagate:st500lt025_firmware:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:seagate:st500lt025_firmware:-:*:*:*:*:*:*:*
- (no CPE)
- Range: = BIOS A16
- Range: = BIOS A16
- Range: = BIOS 2.32
- Range: = BIOS 2.21
Patches
Vulnerability mechanics
References
2- www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdfnvdTechnical DescriptionThird Party Advisory
- www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.htmlnvdTechnical DescriptionThird Party Advisory
News mentions
0No linked articles in our index yet.