WDC Tracking Number: WDC-19006
Published: May 20, 2019
Last Updated: May 23, 2019
The SanDisk X600 SATA SED SSD is vulnerable to an attack where data stored and encrypted by the device may be decrypted without knowledge of proper authentication credentials. Additionally, the device is vulnerable to an attack where inauthentic firmware updates may be installed. A firmware update that addresses the protection of data stored on the drive is available.
To install the firmware update on the following model numbers, please download and install the SanDisk SSD Dashboard:
In the SanDisk SSD Dashboard application, select Tools/Firmware Update to check for and update the firmware on your drive.
For all other impacted model numbers, please contact your system vendor for the applicable firmware update.
Tracking number: WDC-19006
In the following configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials.
Western Digital periodically retains the services of third-party firms to audit and test the security of our products. For this firmware patch, the security firm Trail of Bits was engaged to review the changes made to the cryptographic access control mechanism. In order to provide transparency to our customers, we have elected to make a summary of the audit report available to the public.
Mitigation
The following mitigations are available for this issue:
CVE Number: CVE-2019-10705
Reported by: Carlo Meijer (Radboud University, the Netherlands) and Bernard van Gastel (Radboud University, the Netherlands, Open University of the Netherlands)
A vulnerability in the wear-leveling algorithm of the drive may cause cryptographically sensitive parameters (such as data encryption keys) to remain on the drive media after their intended erasure.
Mitigation:
CVE Number: CVE-2019-11686
Reported by: Carlo Meijer (Radboud University, the Netherlands) and Bernard van Gastel (Radboud University, the Netherlands, Open University of the Netherlands)
Western Digital
The firmware update authentication method for affected devices relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to any X600 device except those listed below.
The following model numbers are not affected by this issue:
CVE Number: CVE-2019-10706
Reported by: Carlo Meijer (Radboud University, the Netherlands) and Bernard van Gastel (Radboud University, the Netherlands, Open University of the Netherlands)
A vulnerability in the secure boot scheme may allow internally protected parameters to be extracted.
CVE Number: CVE-2019-10636
Reported by: Carlo Meijer (Radboud University, the Netherlands) and Bernard van Gastel (Radboud University, the Netherlands, Open University of the Netherlands)
WDC Tracking Number: WDC-19006
Published: May 20, 2019