Last Updated:  December 8, 2021

Description

SanDisk SecureAccess 3.02 was using a one-way cryptographic hash with a predictable salt making it vulnerable to dictionary attacks by a malicious user. The software also made use of a password hash with insufficient computational effort that would allow an attacker to brute force user passwords leading to unauthorized access to user data.

Both the key derivation function issues described above have been resolved in SanDisk PrivateAccess Version 6.3.5. SanDisk SecureAccess has been rebranded to SanDisk PrivateAccess.

We urge our customers to install this software update immediately to keep their vaults secure. As with any upgrade, it is best to back up your data before installing the upgrade. Back up your data using the built-in Backup function in the Tools menu.

For complete instructions on how to upgrade please see:
https://kb.sandisk.com/app/answers/detail/a_id/23775