-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-014 Product: Fingerprint Secure Portable Hard Drive Manufacturer: Verbatim Affected Version(s): #53650 Tested Version(s): #53650 Vulnerability Type: Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) Risk Level: High Solution Status: Open Manufacturer Notification: 2022-02-03 Solution Date: - Public Disclosure: 2022-06-08 CVE Reference: CVE-2022-28387 Author of Advisory: Matthias Deeg (SySS GmbH) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Overview: The Verbatim Fingerprint Secure Portable Hard Drive is a USB drive with AES 256-bit hardware encryption and a built-in fingerprint sensor for unlocking the device with previously registered fingerprints. The manufacturer describes the product as follows: "The AES 256-bit Hardware Encryption seamlessly encrypts all data on the drive in real-time. The drive is compliant with GDPR requirements as 100% of the drive is securely encrypted. The built-in fingerprint recognition system allows access for up to eight authorised users and one administrator who can access the device via a password. The hard drive does not store passwords in the computer or system's volatile memory making it far more secure than software encryption."[1] Due to an insecure design, the Verbatim Fingerprint Secure Portable Hard Drive can be unlocked by an attacker who can thus gain unauthorized access to the stored data. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Vulnerability Details: When analyzing the Verbatim Fingerprint Secure Portable Hard Drive, Matthias Deeg found out it uses an insecure design which allows retrieving the currently used password and thus the ability to unlock and access the stored data in an unauthorized way. The Verbatim Fingerprint Secure Portable Hard Drive consists of the following five main parts: 1. A hard drive (3.5 inch) 2. A USB-to-SATA bridge controller (INIC-3637EN) 3. An SPI flash memory chip (XT25F01B) containing the firmware of the INIC-3637EN 4. A fingerprint sensor 5. A fingerprint sensor controller (INIC-3782N) For encrypting the data stored on the hard drive, the hardware AES engine of the INIC-3637EN is used. More specifically, AES-256 in ECB (Electronic Codebook) mode is used for data encryption, which is also a security issue by itself, as described in the SySS security advisory SYSS-2022-015[2]. The hard drive can be either unlocked via the fingerprint sensor using a previously registered fingerprint or via a password. Unlocking the hard drive via a password takes place using a Windows or macOS client software that sends specific IOCTL commands (IOCTL_SCSI_PASS_THROUGH) to the USB device. The data part of those device-specific commands is encrypted using AES with a hard-coded cryptographic key found within the client software and the USB-to-SATA bridge controller's firmware. One of the supported commands is able to retrieve the currently set password and cryptographic key material used for the data disk encryption. By sending this specific IOCTL command to the USB device and knowing the used AES encryption scheme for the command data, an attacker can instantly retrieve the correct password and thus unlock the device in order to gain unauthorized access to its stored data. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Proof of Concept (PoC): For demonstrating the described security vulnerability, Matthias Deeg developed a software tool that can extract the currently set password of a Verbatim Fingerprint Secure Portable Hard Drive. This enables an attacker to instantly unlock the device. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: SySS GmbH is not aware of a solution for the described security issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Disclosure Timeline: 2022-02-03: Vulnerability reported to manufacturer 2022-02-11: Vulnerability reported to manufacturer again 2022-03-07: Vulnerability reported to manufacturer again 2022-06-08: Public release of security advisory ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ References: [1] Product website for Verbatim Fingerprint Secure Portable Hard Drive https://www.verbatim-europe.co.uk/en/prod/fingerprint-secure-portable-hard-drive-1tb-53650/ [2] SySS Security Advisory SYSS-2022-015 https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-015.txt [3] SySS Security Advisory SYSS-2022-014 https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-014.txt [4] SySS GmbH, SySS Responsible Disclosure Policy https://www.syss.de/en/responsible-disclosure-policy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Credits: This security vulnerability was found by Matthias Deeg of SySS GmbH. E-Mail: matthias.deeg (at) syss.de Public Key: https://www.syss.de/fileadmin/dokumente/Materialien/PGPKeys/Matthias_Deeg.asc Key fingerprint = D1F0 A035 F06C E675 CDB9 0514 D9A4 BF6A 34AD 4DAB ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Disclaimer: The information provided in this security advisory is provided "as is" and without warranty of any kind. Details of this security advisory may be updated in order to provide as accurate information as possible. The latest version of this security advisory is available on the SySS website. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Copyright: Creative Commons - Attribution (by) - Version 3.0 URL: http://creativecommons.org/licenses/by/3.0/deed.en -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0fCgNfBs5nXNuQUU2aS/ajStTasFAmKgQWsACgkQ2aS/ajSt TavMrA//XM9kff0pGokE4Jm/SQKSoy0v+EUr3aoH8zB8f24Dnl6S3UDCuIIKENxB qWsimlzoAyRj2WVoUJObNEOT5s4Z2wjDFnOfCcNz2ctv6t0t9/t9KQKcP7GToPzB lQqi4JC7MkRQZupAX28NjQQCruaTx/gOSPKa7Hcqyu9qO0mZYSI0p+KJb2753MT5 MGBg/DfK7984xlUNr+VtK36CUW74Ga3VE01KEs6g7cZpTlroJYxtM2rEZ4GRv6gr B1G/gk4kGq5Xu99lZHM+Ec9tGu3sjqHaN+9vhQO9cwHM0nCJdPP6JcN+h39gRYyf lq9mbsit4Sn7Ga4KUcUwO9ajZm9bqxnDBHDOVzgJH+IzVlxSAi3jNUdUycac9j4T cQYwTns0x8n48N5e49MfFGXxO3QsKId6mhq4oWEtoJMAiD8cnG/9MD4FHwPAgDPm frnHoJf1XeoddqVP+S4M1go02Nz2fpKJoademS+nRXEYyvuX4gPkZhXJPboTXNEn CUrl74fxgn0ow21GEt0TEGW4MErDpFJotsM5SgjrbgmOvmRRfj7J0FkzPLLtqxGP 5flYpb0Xj7QtUx0aWE2+AZEbCAI0naKQGy9fhAZRL51BA7eXguKNngaCSYrrFs7M SIDv0bae6fEV6dQgTaAhgaZTj/lVOg5z7awkTpNCL7a58X/j/mI= =Mijf -----END PGP SIGNATURE-----