{"vulnerability": "CVE-2022-2838", "sightings": [{"uuid": "b7838aec-fa24-422f-994f-12dd4197de48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28381", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "629938f0-f654-47f6-af2f-f8d4222cdf86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28381", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:45.000000Z"}, {"uuid": "4521bd57-6dee-4a64-8e0d-98916a87b137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28381", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/cve_2022_28381_allmediaserver_bof.rb", "content": "", "creation_timestamp": "2022-04-04T19:32:45.000000Z"}, {"uuid": "3813adf7-c156-45d6-ab78-e922550b9062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28381", "type": "seen", "source": "https://t.me/ShizoPrivacy/242", "content": "|CVE-2022-28381|\n\n\ud83d\udd25exploit\n\n\u0412 \u043c\u0435\u0434\u0438\u0430\u0441\u0435\u0440\u0432\u0435\u0440\u0435 ALLMediaServer \u0432\u0435\u0440\u0441\u0438\u0438 1.6 \u0432 \u0444\u0430\u0439\u043b\u0435 Mediaserver.exe \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 stack-based \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430. \u042d\u0442\u043e \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u0435(\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443)  \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u0434\u043b\u0438\u043d\u043d\u0443\u044e \u0441\u0442\u0440\u043e\u043a\u0443 \u043d\u0430 888 \u043f\u043e\u0440\u0442(TCP). \n\u0412\u043e\u043e\u0431\u0449\u0435, \u043a\u0430\u043a \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u043b , \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0432\u044b\u0448\u043b\u0430 \u0435\u0449\u0451 \u0432 2020 \u0433\u043e\u0434\u0443(\u043d\u043e\u044f\u0431\u0440\u044c). \u0410 \u0441\u0430\u043c\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0442\u044f\u043d\u0435\u0442\u0441\u044f \u0435\u0449\u0451 \u0438\u0437 CVE-2017-17932( \u043f\u043e\u0447\u0442\u0438 \u0442\u043e\u0436\u0435 \u0441\u0430\u043c\u043e\u0435 \u0447\u0442\u043e \u0438 \u0432 \u043d\u043e\u0432\u043e\u0439 CVE). \n\nIn the ALLMediaServer media server version 1.6 in the file Mediaserver.exe a vulnerability was found related to stack-based buffer overflow. This makes it possible for the attacking party (attacker) to remotely execute arbitrary code via a long line on port 888 (TCP).\nIn general, as I looked, the latest version was released back in 2020(November). And the problem itself stretches back from CVE-2017-17932(almost the same as in the new CVE).\n\n#cve", "creation_timestamp": "2022-04-06T14:21:06.000000Z"}, {"uuid": "ac6c174d-532a-4b0b-b523-6fa1c6fefffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28384", "type": "seen", "source": "https://t.me/cibsecurity/44051", "content": "\u203c CVE-2022-28384 \u203c\n\nAn issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428 and Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T20:32:33.000000Z"}, {"uuid": "fd99077c-7263-4b52-bc7f-952e6b2bfa8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2838", "type": "seen", "source": "https://t.me/cibsecurity/48208", "content": "\u203c CVE-2022-2838 \u203c\n\nIn Eclipse Sphinx\u00e2\u201e\u00a2 before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-16T14:38:54.000000Z"}, {"uuid": "3b94d0ff-87b5-4549-b174-0e656c7033b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28383", "type": "seen", "source": "https://t.me/cibsecurity/44050", "content": "\u203c CVE-2022-28383 \u203c\n\nAn issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive (e.g., by leveraging physical access during the supply chain). This code is then executed. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428, Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0, Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1, and Fingerprint Secure Portable Hard Drive Part Number #53650.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T20:32:32.000000Z"}, {"uuid": "6e7499c7-904a-49ba-aaa5-24cc4a47237a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28387", "type": "seen", "source": "https://t.me/cibsecurity/44049", "content": "\u203c CVE-2022-28387 \u203c\n\nAn issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affects Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive Part Number #53650.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T20:32:31.000000Z"}, {"uuid": "b0b386bd-8ebd-4442-adcf-e27eaa851dbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28385", "type": "seen", "source": "https://t.me/cibsecurity/44048", "content": "\u203c CVE-2022-28385 \u203c\n\nAn issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive (containing the Windows and macOS client software). The content of this emulated CD-ROM drive is stored as an ISO-9660 image in the hidden sectors of the USB drive, that can only be accessed using special IOCTL commands, or when installing the drive in an external disk enclosure. By manipulating this ISO-9660 image or replacing it with another one, an attacker is able to store malicious software on the emulated CD-ROM drive. This software may get executed by an unsuspecting victim when using the device. For example, an attacker with temporary physical access during the supply chain could program a modified ISO-9660 image on a device that always accepts an attacker-controlled password for unlocking the device. If the attacker later on gains access to the used USB drive, he can simply decrypt all contained user data. Storing arbitrary other malicious software is also possible. This affects Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive Part Number #53650.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T20:32:27.000000Z"}, {"uuid": "40653ba4-bdac-4ad7-b1de-ca5f69f41169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28382", "type": "seen", "source": "https://t.me/cibsecurity/44046", "content": "\u203c CVE-2022-28382 \u203c\n\nAn issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode (Electronic Codebook, aka ECB), an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the USB-to-SATA bridge controller INIC-3637EN uses AES-256 with the ECB mode. This operation mode of block ciphers (e.g., AES) always encrypts identical plaintext data, in this case blocks of 16 bytes, to identical ciphertext data. For some data, for instance bitmap images, the lack of the cryptographic property called diffusion, within ECB, can leak sensitive information even in encrypted data. Thus, the use of the ECB operation mode can put the confidentiality of specific information at risk, even in an encrypted form. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428, Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0, Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1, and Fingerprint Secure Portable Hard Drive Part Number #53650.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T20:32:25.000000Z"}, {"uuid": "28c098be-7491-4ae1-bde2-225cddf426c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28386", "type": "seen", "source": "https://t.me/cibsecurity/44045", "content": "\u203c CVE-2022-28386 \u203c\n\nAn issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout (e.g., requiring a reformat of the drive after 20 failed unlock attempts) does not work as specified. More than 20 attempts may be made. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428 and Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T20:32:24.000000Z"}, {"uuid": "b5918f47-76fc-4d60-9331-6d1ca61e35b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28380", "type": "seen", "source": "https://t.me/cibsecurity/40074", "content": "\u203c CVE-2022-28380 \u203c\n\nThe rc-httpd component through 2022-03-31 for 9front (Plan 9 fork) allows ..%2f directory traversal if serve-static is used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-03T22:26:57.000000Z"}, {"uuid": "61500ca7-ca3a-483c-a46b-af122a203ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28381", "type": "seen", "source": "https://t.me/cibsecurity/40069", "content": "\u203c CVE-2022-28381 \u203c\n\nMediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long string to TCP port 888, a related issue to CVE-2017-17932.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-03T22:26:52.000000Z"}, {"uuid": "2567861d-26e8-4395-87a3-49043613217d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28384", "type": "published-proof-of-concept", "source": "https://t.me/cultofwire/1097", "content": "Hacking Some More Secure USB Flash Drives\n\n\u0417\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 USB-\u0444\u043b\u0435\u0448\u043a\u0438 \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0432\u0435\u043d\u0434\u043e\u0440\u044b \u0437\u0430\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c AES 256-bit, \u043d\u0435\u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u0447\u0435\u0439 \u0441\u0443\u043f\u0435\u0440\u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0439 \u0441\u0435\u043a\u0443\u0440\u043d\u043e\u0441\u0442\u044c\u044e. \u041d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043e\u0442 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u0445 \u043b\u044e\u0434\u0435\u0439, \u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0442\u0430\u043a \u043d\u0430\u0434\u0451\u0436\u043d\u0430, \u043a\u0430\u043a \u0432\u0435\u0449\u0430\u044e\u0442 \u043c\u0430\u0440\u043a\u0435\u0442\u043e\u043b\u043e\u0433\u0438.\n\n\u0412 \u0440\u0443\u043a\u0438 SySS \u043f\u043e\u043f\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442 Vibratim: Verbatim Keypad Secure \u0438 Verbatim Executive Fingerprint Secure SSD.\n\u041e\u0431\u0430 \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u0435\u0439\u0441\u043e\u043c \u0434\u043b\u044f M.2 SSD \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0432\u044f\u0437\u043a\u043e\u0439 \u0432\u0440\u043e\u0434\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0438 \u043f\u0438\u043d\u043f\u0430\u0434\u043e\u0432\\\u0441\u043a\u0430\u043d\u0435\u0440\u0430 \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u043e\u0432.\n\nHacking Some More Secure USB Flash Drives (Part I) \n\u041f\u0435\u0440\u0432\u044b\u043c \u043d\u0430 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043f\u0430\u043b Verbatim Keypad Secure.\n\u0412\u0435\u043d\u0434\u043e\u0440\u043e\u043c \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0431\u043e\u0440 \u043f\u0430\u0440\u043e\u043b\u044f \u043d\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u0435\u043d, \u043d\u0430 \u0432\u0432\u043e\u0434 \u043f\u0430\u0440\u043e\u043b\u044f \u0434\u0430\u0451\u0442\u0441\u044f 20 \u043f\u043e\u043f\u044b\u0442\u043e\u043a, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442. \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0441\u0451 \u0436\u0435 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0431\u043b\u043e\u043a\u0435 \u043d\u0430 SSD, \u0430 \u0434\u043b\u0438\u043d\u043d\u0430 \u043f\u0430\u0440\u043e\u043b\u044f \u043e\u0442 5 \u0434\u043e 12 \u0446\u0438\u0444\u0440 \u0441\u0438\u043b\u044c\u043d\u043e \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0434\u0435\u043b\u043e.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28384\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28386\n\nPoC: Hacking a Secure USB Flash Drive // Unauthorized Access to Verbatim Keypad Secure (CVE-2022-28384) \n\nHacking Some More Secure USB Flash Drives (Part II) \n\n\u0412\u0442\u043e\u0440\u044b\u043c \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u043b\u043e\u0432\u0430\u043b\u0441\u044f Verbatim Executive Fingerprint Secure SSD.\n \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0441\u0451 \u0431\u044b\u043b\u043e \u0435\u0449\u0451 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0435\u0439, Executive Fingerprint Secure SSD \u044d\u043c\u0443\u043b\u0438\u0440\u0443\u0435\u0442 CD-\u043f\u0440\u0438\u0432\u043e\u0434 \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u043c \u041f\u041e, \u0445\u043e\u0442\u044c \u0432\u0441\u0451 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043e AES, \u043a\u043b\u044e\u0447 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28387\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28385\n\nPoC: Hacking Yet Another Secure USB Flash Drive // Verbatim Executive Fingerprint Secure (CVE-2022-28387) \n\n\u0413\u043e\u0442\u043e\u0432\u044b\u0445 \u0442\u0443\u043b\u043e\u0432 \u043d\u0435 \u043f\u043e\u043b\u043e\u0436\u0438\u043b\u0438, \u043d\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u044d\u0442\u043e \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0432 \u0441\u044a\u0435\u043c\u043d\u044b\u0445 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044f\u0445 \u043d\u0430\u0434\u0435\u044f\u0442\u044c\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435.", "creation_timestamp": "2023-11-07T17:22:02.000000Z"}, {"uuid": "309d19f9-b75d-4e35-b226-42fd817f20e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28386", "type": "published-proof-of-concept", "source": "https://t.me/cultofwire/1097", "content": "Hacking Some More Secure USB Flash Drives\n\n\u0417\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 USB-\u0444\u043b\u0435\u0448\u043a\u0438 \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0432\u0435\u043d\u0434\u043e\u0440\u044b \u0437\u0430\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c AES 256-bit, \u043d\u0435\u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u0447\u0435\u0439 \u0441\u0443\u043f\u0435\u0440\u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0439 \u0441\u0435\u043a\u0443\u0440\u043d\u043e\u0441\u0442\u044c\u044e. \u041d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043e\u0442 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u0445 \u043b\u044e\u0434\u0435\u0439, \u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0442\u0430\u043a \u043d\u0430\u0434\u0451\u0436\u043d\u0430, \u043a\u0430\u043a \u0432\u0435\u0449\u0430\u044e\u0442 \u043c\u0430\u0440\u043a\u0435\u0442\u043e\u043b\u043e\u0433\u0438.\n\n\u0412 \u0440\u0443\u043a\u0438 SySS \u043f\u043e\u043f\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442 Vibratim: Verbatim Keypad Secure \u0438 Verbatim Executive Fingerprint Secure SSD.\n\u041e\u0431\u0430 \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u0435\u0439\u0441\u043e\u043c \u0434\u043b\u044f M.2 SSD \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0432\u044f\u0437\u043a\u043e\u0439 \u0432\u0440\u043e\u0434\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0438 \u043f\u0438\u043d\u043f\u0430\u0434\u043e\u0432\\\u0441\u043a\u0430\u043d\u0435\u0440\u0430 \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u043e\u0432.\n\nHacking Some More Secure USB Flash Drives (Part I) \n\u041f\u0435\u0440\u0432\u044b\u043c \u043d\u0430 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043f\u0430\u043b Verbatim Keypad Secure.\n\u0412\u0435\u043d\u0434\u043e\u0440\u043e\u043c \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0431\u043e\u0440 \u043f\u0430\u0440\u043e\u043b\u044f \u043d\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u0435\u043d, \u043d\u0430 \u0432\u0432\u043e\u0434 \u043f\u0430\u0440\u043e\u043b\u044f \u0434\u0430\u0451\u0442\u0441\u044f 20 \u043f\u043e\u043f\u044b\u0442\u043e\u043a, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442. \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0441\u0451 \u0436\u0435 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0431\u043b\u043e\u043a\u0435 \u043d\u0430 SSD, \u0430 \u0434\u043b\u0438\u043d\u043d\u0430 \u043f\u0430\u0440\u043e\u043b\u044f \u043e\u0442 5 \u0434\u043e 12 \u0446\u0438\u0444\u0440 \u0441\u0438\u043b\u044c\u043d\u043e \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0434\u0435\u043b\u043e.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28384\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28386\n\nPoC: Hacking a Secure USB Flash Drive // Unauthorized Access to Verbatim Keypad Secure (CVE-2022-28384) \n\nHacking Some More Secure USB Flash Drives (Part II) \n\n\u0412\u0442\u043e\u0440\u044b\u043c \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u043b\u043e\u0432\u0430\u043b\u0441\u044f Verbatim Executive Fingerprint Secure SSD.\n \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0441\u0451 \u0431\u044b\u043b\u043e \u0435\u0449\u0451 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0435\u0439, Executive Fingerprint Secure SSD \u044d\u043c\u0443\u043b\u0438\u0440\u0443\u0435\u0442 CD-\u043f\u0440\u0438\u0432\u043e\u0434 \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u043c \u041f\u041e, \u0445\u043e\u0442\u044c \u0432\u0441\u0451 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043e AES, \u043a\u043b\u044e\u0447 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28387\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28385\n\nPoC: Hacking Yet Another Secure USB Flash Drive // Verbatim Executive Fingerprint Secure (CVE-2022-28387) \n\n\u0413\u043e\u0442\u043e\u0432\u044b\u0445 \u0442\u0443\u043b\u043e\u0432 \u043d\u0435 \u043f\u043e\u043b\u043e\u0436\u0438\u043b\u0438, \u043d\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u044d\u0442\u043e \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0432 \u0441\u044a\u0435\u043c\u043d\u044b\u0445 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044f\u0445 \u043d\u0430\u0434\u0435\u044f\u0442\u044c\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435.", "creation_timestamp": "2023-11-07T17:22:02.000000Z"}, {"uuid": "cdb3ea42-4cca-4119-899f-95b0d6b73e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28382", "type": "published-proof-of-concept", "source": "https://t.me/cultofwire/1097", "content": "Hacking Some More Secure USB Flash Drives\n\n\u0417\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 USB-\u0444\u043b\u0435\u0448\u043a\u0438 \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0432\u0435\u043d\u0434\u043e\u0440\u044b \u0437\u0430\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c AES 256-bit, \u043d\u0435\u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u0447\u0435\u0439 \u0441\u0443\u043f\u0435\u0440\u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0439 \u0441\u0435\u043a\u0443\u0440\u043d\u043e\u0441\u0442\u044c\u044e. \u041d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043e\u0442 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u0445 \u043b\u044e\u0434\u0435\u0439, \u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0442\u0430\u043a \u043d\u0430\u0434\u0451\u0436\u043d\u0430, \u043a\u0430\u043a \u0432\u0435\u0449\u0430\u044e\u0442 \u043c\u0430\u0440\u043a\u0435\u0442\u043e\u043b\u043e\u0433\u0438.\n\n\u0412 \u0440\u0443\u043a\u0438 SySS \u043f\u043e\u043f\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442 Vibratim: Verbatim Keypad Secure \u0438 Verbatim Executive Fingerprint Secure SSD.\n\u041e\u0431\u0430 \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u0435\u0439\u0441\u043e\u043c \u0434\u043b\u044f M.2 SSD \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0432\u044f\u0437\u043a\u043e\u0439 \u0432\u0440\u043e\u0434\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0438 \u043f\u0438\u043d\u043f\u0430\u0434\u043e\u0432\\\u0441\u043a\u0430\u043d\u0435\u0440\u0430 \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u043e\u0432.\n\nHacking Some More Secure USB Flash Drives (Part I) \n\u041f\u0435\u0440\u0432\u044b\u043c \u043d\u0430 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043f\u0430\u043b Verbatim Keypad Secure.\n\u0412\u0435\u043d\u0434\u043e\u0440\u043e\u043c \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0431\u043e\u0440 \u043f\u0430\u0440\u043e\u043b\u044f \u043d\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u0435\u043d, \u043d\u0430 \u0432\u0432\u043e\u0434 \u043f\u0430\u0440\u043e\u043b\u044f \u0434\u0430\u0451\u0442\u0441\u044f 20 \u043f\u043e\u043f\u044b\u0442\u043e\u043a, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442. \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0441\u0451 \u0436\u0435 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0431\u043b\u043e\u043a\u0435 \u043d\u0430 SSD, \u0430 \u0434\u043b\u0438\u043d\u043d\u0430 \u043f\u0430\u0440\u043e\u043b\u044f \u043e\u0442 5 \u0434\u043e 12 \u0446\u0438\u0444\u0440 \u0441\u0438\u043b\u044c\u043d\u043e \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0434\u0435\u043b\u043e.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28384\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28386\n\nPoC: Hacking a Secure USB Flash Drive // Unauthorized Access to Verbatim Keypad Secure (CVE-2022-28384) \n\nHacking Some More Secure USB Flash Drives (Part II) \n\n\u0412\u0442\u043e\u0440\u044b\u043c \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u043b\u043e\u0432\u0430\u043b\u0441\u044f Verbatim Executive Fingerprint Secure SSD.\n \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0441\u0451 \u0431\u044b\u043b\u043e \u0435\u0449\u0451 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0435\u0439, Executive Fingerprint Secure SSD \u044d\u043c\u0443\u043b\u0438\u0440\u0443\u0435\u0442 CD-\u043f\u0440\u0438\u0432\u043e\u0434 \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u043c \u041f\u041e, \u0445\u043e\u0442\u044c \u0432\u0441\u0451 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043e AES, \u043a\u043b\u044e\u0447 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28387\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28385\n\nPoC: Hacking Yet Another Secure USB Flash Drive // Verbatim Executive Fingerprint Secure (CVE-2022-28387) \n\n\u0413\u043e\u0442\u043e\u0432\u044b\u0445 \u0442\u0443\u043b\u043e\u0432 \u043d\u0435 \u043f\u043e\u043b\u043e\u0436\u0438\u043b\u0438, \u043d\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u044d\u0442\u043e \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0432 \u0441\u044a\u0435\u043c\u043d\u044b\u0445 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044f\u0445 \u043d\u0430\u0434\u0435\u044f\u0442\u044c\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435.", "creation_timestamp": "2023-11-07T17:22:02.000000Z"}, {"uuid": "85bde9d5-374b-454c-a62d-8ba72218c2f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28385", "type": "published-proof-of-concept", "source": "https://t.me/cultofwire/1097", "content": "Hacking Some More Secure USB Flash Drives\n\n\u0417\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 USB-\u0444\u043b\u0435\u0448\u043a\u0438 \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0432\u0435\u043d\u0434\u043e\u0440\u044b \u0437\u0430\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c AES 256-bit, \u043d\u0435\u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u0447\u0435\u0439 \u0441\u0443\u043f\u0435\u0440\u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0439 \u0441\u0435\u043a\u0443\u0440\u043d\u043e\u0441\u0442\u044c\u044e. \u041d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043e\u0442 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u0445 \u043b\u044e\u0434\u0435\u0439, \u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0442\u0430\u043a \u043d\u0430\u0434\u0451\u0436\u043d\u0430, \u043a\u0430\u043a \u0432\u0435\u0449\u0430\u044e\u0442 \u043c\u0430\u0440\u043a\u0435\u0442\u043e\u043b\u043e\u0433\u0438.\n\n\u0412 \u0440\u0443\u043a\u0438 SySS \u043f\u043e\u043f\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442 Vibratim: Verbatim Keypad Secure \u0438 Verbatim Executive Fingerprint Secure SSD.\n\u041e\u0431\u0430 \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u0435\u0439\u0441\u043e\u043c \u0434\u043b\u044f M.2 SSD \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0432\u044f\u0437\u043a\u043e\u0439 \u0432\u0440\u043e\u0434\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0438 \u043f\u0438\u043d\u043f\u0430\u0434\u043e\u0432\\\u0441\u043a\u0430\u043d\u0435\u0440\u0430 \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u043e\u0432.\n\nHacking Some More Secure USB Flash Drives (Part I) \n\u041f\u0435\u0440\u0432\u044b\u043c \u043d\u0430 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043f\u0430\u043b Verbatim Keypad Secure.\n\u0412\u0435\u043d\u0434\u043e\u0440\u043e\u043c \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0431\u043e\u0440 \u043f\u0430\u0440\u043e\u043b\u044f \u043d\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u0435\u043d, \u043d\u0430 \u0432\u0432\u043e\u0434 \u043f\u0430\u0440\u043e\u043b\u044f \u0434\u0430\u0451\u0442\u0441\u044f 20 \u043f\u043e\u043f\u044b\u0442\u043e\u043a, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442. \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0441\u0451 \u0436\u0435 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0431\u043b\u043e\u043a\u0435 \u043d\u0430 SSD, \u0430 \u0434\u043b\u0438\u043d\u043d\u0430 \u043f\u0430\u0440\u043e\u043b\u044f \u043e\u0442 5 \u0434\u043e 12 \u0446\u0438\u0444\u0440 \u0441\u0438\u043b\u044c\u043d\u043e \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0434\u0435\u043b\u043e.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28384\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28386\n\nPoC: Hacking a Secure USB Flash Drive // Unauthorized Access to Verbatim Keypad Secure (CVE-2022-28384) \n\nHacking Some More Secure USB Flash Drives (Part II) \n\n\u0412\u0442\u043e\u0440\u044b\u043c \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u043b\u043e\u0432\u0430\u043b\u0441\u044f Verbatim Executive Fingerprint Secure SSD.\n \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0441\u0451 \u0431\u044b\u043b\u043e \u0435\u0449\u0451 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0435\u0439, Executive Fingerprint Secure SSD \u044d\u043c\u0443\u043b\u0438\u0440\u0443\u0435\u0442 CD-\u043f\u0440\u0438\u0432\u043e\u0434 \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u043c \u041f\u041e, \u0445\u043e\u0442\u044c \u0432\u0441\u0451 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043e AES, \u043a\u043b\u044e\u0447 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28387\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28385\n\nPoC: Hacking Yet Another Secure USB Flash Drive // Verbatim Executive Fingerprint Secure (CVE-2022-28387) \n\n\u0413\u043e\u0442\u043e\u0432\u044b\u0445 \u0442\u0443\u043b\u043e\u0432 \u043d\u0435 \u043f\u043e\u043b\u043e\u0436\u0438\u043b\u0438, \u043d\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u044d\u0442\u043e \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0432 \u0441\u044a\u0435\u043c\u043d\u044b\u0445 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044f\u0445 \u043d\u0430\u0434\u0435\u044f\u0442\u044c\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435.", "creation_timestamp": "2023-11-07T17:22:02.000000Z"}, {"uuid": "8c6da0dc-8a83-4e45-b2bb-e5a7a8ab33f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28383", "type": "published-proof-of-concept", "source": "https://t.me/cultofwire/1097", "content": "Hacking Some More Secure USB Flash Drives\n\n\u0417\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 USB-\u0444\u043b\u0435\u0448\u043a\u0438 \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0432\u0435\u043d\u0434\u043e\u0440\u044b \u0437\u0430\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c AES 256-bit, \u043d\u0435\u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u0447\u0435\u0439 \u0441\u0443\u043f\u0435\u0440\u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0439 \u0441\u0435\u043a\u0443\u0440\u043d\u043e\u0441\u0442\u044c\u044e. \u041d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043e\u0442 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u0445 \u043b\u044e\u0434\u0435\u0439, \u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0442\u0430\u043a \u043d\u0430\u0434\u0451\u0436\u043d\u0430, \u043a\u0430\u043a \u0432\u0435\u0449\u0430\u044e\u0442 \u043c\u0430\u0440\u043a\u0435\u0442\u043e\u043b\u043e\u0433\u0438.\n\n\u0412 \u0440\u0443\u043a\u0438 SySS \u043f\u043e\u043f\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442 Vibratim: Verbatim Keypad Secure \u0438 Verbatim Executive Fingerprint Secure SSD.\n\u041e\u0431\u0430 \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u0435\u0439\u0441\u043e\u043c \u0434\u043b\u044f M.2 SSD \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0432\u044f\u0437\u043a\u043e\u0439 \u0432\u0440\u043e\u0434\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0438 \u043f\u0438\u043d\u043f\u0430\u0434\u043e\u0432\\\u0441\u043a\u0430\u043d\u0435\u0440\u0430 \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u043e\u0432.\n\nHacking Some More Secure USB Flash Drives (Part I) \n\u041f\u0435\u0440\u0432\u044b\u043c \u043d\u0430 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043f\u0430\u043b Verbatim Keypad Secure.\n\u0412\u0435\u043d\u0434\u043e\u0440\u043e\u043c \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0431\u043e\u0440 \u043f\u0430\u0440\u043e\u043b\u044f \u043d\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u0435\u043d, \u043d\u0430 \u0432\u0432\u043e\u0434 \u043f\u0430\u0440\u043e\u043b\u044f \u0434\u0430\u0451\u0442\u0441\u044f 20 \u043f\u043e\u043f\u044b\u0442\u043e\u043a, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442. \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0441\u0451 \u0436\u0435 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0431\u043b\u043e\u043a\u0435 \u043d\u0430 SSD, \u0430 \u0434\u043b\u0438\u043d\u043d\u0430 \u043f\u0430\u0440\u043e\u043b\u044f \u043e\u0442 5 \u0434\u043e 12 \u0446\u0438\u0444\u0440 \u0441\u0438\u043b\u044c\u043d\u043e \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0434\u0435\u043b\u043e.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28384\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28386\n\nPoC: Hacking a Secure USB Flash Drive // Unauthorized Access to Verbatim Keypad Secure (CVE-2022-28384) \n\nHacking Some More Secure USB Flash Drives (Part II) \n\n\u0412\u0442\u043e\u0440\u044b\u043c \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u043b\u043e\u0432\u0430\u043b\u0441\u044f Verbatim Executive Fingerprint Secure SSD.\n \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0441\u0451 \u0431\u044b\u043b\u043e \u0435\u0449\u0451 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0435\u0439, Executive Fingerprint Secure SSD \u044d\u043c\u0443\u043b\u0438\u0440\u0443\u0435\u0442 CD-\u043f\u0440\u0438\u0432\u043e\u0434 \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u043c \u041f\u041e, \u0445\u043e\u0442\u044c \u0432\u0441\u0451 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043e AES, \u043a\u043b\u044e\u0447 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28387\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28385\n\nPoC: Hacking Yet Another Secure USB Flash Drive // Verbatim Executive Fingerprint Secure (CVE-2022-28387) \n\n\u0413\u043e\u0442\u043e\u0432\u044b\u0445 \u0442\u0443\u043b\u043e\u0432 \u043d\u0435 \u043f\u043e\u043b\u043e\u0436\u0438\u043b\u0438, \u043d\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u044d\u0442\u043e \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0432 \u0441\u044a\u0435\u043c\u043d\u044b\u0445 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044f\u0445 \u043d\u0430\u0434\u0435\u044f\u0442\u044c\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435.", "creation_timestamp": "2023-11-07T17:22:02.000000Z"}, {"uuid": "a2490224-9e14-4d97-bbb2-a4bb6084f985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28387", "type": "published-proof-of-concept", "source": "https://t.me/cultofwire/1097", "content": "Hacking Some More Secure USB Flash Drives\n\n\u0417\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 USB-\u0444\u043b\u0435\u0448\u043a\u0438 \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0432\u0435\u043d\u0434\u043e\u0440\u044b \u0437\u0430\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c AES 256-bit, \u043d\u0435\u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u0447\u0435\u0439 \u0441\u0443\u043f\u0435\u0440\u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0439 \u0441\u0435\u043a\u0443\u0440\u043d\u043e\u0441\u0442\u044c\u044e. \u041d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043e\u0442 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u0445 \u043b\u044e\u0434\u0435\u0439, \u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0442\u0430\u043a \u043d\u0430\u0434\u0451\u0436\u043d\u0430, \u043a\u0430\u043a \u0432\u0435\u0449\u0430\u044e\u0442 \u043c\u0430\u0440\u043a\u0435\u0442\u043e\u043b\u043e\u0433\u0438.\n\n\u0412 \u0440\u0443\u043a\u0438 SySS \u043f\u043e\u043f\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442 Vibratim: Verbatim Keypad Secure \u0438 Verbatim Executive Fingerprint Secure SSD.\n\u041e\u0431\u0430 \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u0435\u0439\u0441\u043e\u043c \u0434\u043b\u044f M.2 SSD \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0432\u044f\u0437\u043a\u043e\u0439 \u0432\u0440\u043e\u0434\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0438 \u043f\u0438\u043d\u043f\u0430\u0434\u043e\u0432\\\u0441\u043a\u0430\u043d\u0435\u0440\u0430 \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u043e\u0432.\n\nHacking Some More Secure USB Flash Drives (Part I) \n\u041f\u0435\u0440\u0432\u044b\u043c \u043d\u0430 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043f\u0430\u043b Verbatim Keypad Secure.\n\u0412\u0435\u043d\u0434\u043e\u0440\u043e\u043c \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0431\u043e\u0440 \u043f\u0430\u0440\u043e\u043b\u044f \u043d\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u0435\u043d, \u043d\u0430 \u0432\u0432\u043e\u0434 \u043f\u0430\u0440\u043e\u043b\u044f \u0434\u0430\u0451\u0442\u0441\u044f 20 \u043f\u043e\u043f\u044b\u0442\u043e\u043a, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442. \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0441\u0451 \u0436\u0435 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0431\u043b\u043e\u043a\u0435 \u043d\u0430 SSD, \u0430 \u0434\u043b\u0438\u043d\u043d\u0430 \u043f\u0430\u0440\u043e\u043b\u044f \u043e\u0442 5 \u0434\u043e 12 \u0446\u0438\u0444\u0440 \u0441\u0438\u043b\u044c\u043d\u043e \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0434\u0435\u043b\u043e.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28384\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28386\n\nPoC: Hacking a Secure USB Flash Drive // Unauthorized Access to Verbatim Keypad Secure (CVE-2022-28384) \n\nHacking Some More Secure USB Flash Drives (Part II) \n\n\u0412\u0442\u043e\u0440\u044b\u043c \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u043b\u043e\u0432\u0430\u043b\u0441\u044f Verbatim Executive Fingerprint Secure SSD.\n \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0441\u0451 \u0431\u044b\u043b\u043e \u0435\u0449\u0451 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0435\u0439, Executive Fingerprint Secure SSD \u044d\u043c\u0443\u043b\u0438\u0440\u0443\u0435\u0442 CD-\u043f\u0440\u0438\u0432\u043e\u0434 \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u043c \u041f\u041e, \u0445\u043e\u0442\u044c \u0432\u0441\u0451 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043e AES, \u043a\u043b\u044e\u0447 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d.\n\n\u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 CVE:\nCVE-2022-28387\nCVE-2022-28382\nCVE-2022-28383\nCVE-2022-28385\n\nPoC: Hacking Yet Another Secure USB Flash Drive // Verbatim Executive Fingerprint Secure (CVE-2022-28387) \n\n\u0413\u043e\u0442\u043e\u0432\u044b\u0445 \u0442\u0443\u043b\u043e\u0432 \u043d\u0435 \u043f\u043e\u043b\u043e\u0436\u0438\u043b\u0438, \u043d\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u044d\u0442\u043e \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0432 \u0441\u044a\u0435\u043c\u043d\u044b\u0445 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044f\u0445 \u043d\u0430\u0434\u0435\u044f\u0442\u044c\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435.", "creation_timestamp": "2023-11-07T17:22:02.000000Z"}]}