CVE-2022-38392 - Certain 5400 RPM hard drives, for laptops and other PCs in approximately 2005 and later, allow physi

CVE-2022-38392

Summary

Certain 5400 RPM hard drives, for laptops and other PCs in approximately 2005 and later, allow physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video. A reported product is Seagate STDT4000100 763649053447.

References

https://devblogs.microsoft.com/oldnewthing/20220816-00/?p=106994
https://www.youtube.com/watch?v=nSvu9IDUjZw&t=416s
https://www.seagate.com/support/security/

Vulnerable Configurations

cpe:2.3:h:*:5400rmp_oem_harddrive:-:*:*:*:*:*:*:*
cpe:2.3:h:*:5400rmp_oem_harddrive:-:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

09-09-2023 - 21:15

Published

17-08-2022 - 18:15

Last modified

09-09-2023 - 21:15