This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. The cookies is used to store the user consent for the cookies in the category "Necessary".
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". The cookie is used to store the user consent for the cookies in the category "Analytics". These cookies ensure basic functionalities and security features of the website, anonymously. Necessary cookies are absolutely essential for the website to function properly. The vulnerability (CVE-2021-36750) was fixed with the release of SanDisk PrivateAccess version 6.3.5. The new version now uses PBKDF2-SHA256 together with a randomly generated salt. To update the PrivateAccess Vault, you need the latest version of the iXpand Drive Mobile App or the Windows or macOS Desktop App. As a precaution, Western Digital recommends making a backup of the data with the integrated backup function before updating. “The software also used an insufficiently computational password hash that would allow an attacker to force user passwords through brute force, which would result in unauthorized access to user data.” We strongly recommend our customers to update this software immediately to protect their vault devices, “said Western Digital. SanDisk PrivateAccess, formerly known as SanDisk SecureAccess, is used to store and protect sensitive files on SanDisk USB flash drives. In the process, however, a vulnerability has now been discovered that undermines the extra protection for the data. This is reported by Bleeping Computer. “SanDisk SecureAccess 3.02 used a one-way cryptographic hash with a predictable salt, making it vulnerable to dictionary attacks by a malicious user,” said Western Digital in a newly released security advisory. Western Digital has now informed customers of a security vulnerability that allowed attackers to force the re-issue of SanDisk SecureAccess passwords and then access the users’ protected files. The security update has started.
0 kommentar(er)
