CVE-2010-0222 | Vulnerability Database | Aqua Security

Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.

Affected Software

Name	Vendor	Start Version	End Version
Datatraveler_blackbox	Kingston	*	*
Datatraveler_elite	Kingston	*	*
Datatraveler_secure	Kingston	*	*

References

http://blogs.zdnet.com/hardware/?p=6655
http://it.slashdot.org/story/10/01/05/1734242/
http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm
http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html
http://www.kingston.com/driveupdate/
http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf
http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9
http://www.vupen.com/english/advisories/2010/0080
https://www.ironkey.com/usb-flash-drive-flaw-exposed

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-0222
CWE	https://cwe.mitre.org/data/definitions/310.html