CVE-2020-14474 - OpenCVE

The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device running the same version of the software, and does not appear to be changed with each new build. It is possible to reconstruct the decryption process using the hardcoded key material and obtain easy access to otherwise protected data.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cellebrite	Ufed Ufed Firmware

Configuration 1 [-]

AND

cpe:2.3:h:cellebrite:ufed:-:*:*:*:*:*:*:*

cpe:2.3:o:cellebrite:ufed_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/158254/Cellebrite-EPR-Decryption-Hardcoded-AES-Key-Material.html
http://seclists.org/fulldisclosure/2020/Jun/31
https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-30T18:03:50

Updated: 2024-08-04T12:46:34.615Z

Reserved: 2020-06-19T00:00:00

Link: CVE-2020-14474

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-06-30T19:15:11.397

Modified: 2020-07-10T14:26:37.413

Link: CVE-2020-14474

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-06-29T00:00:00", "descriptions": [{"lang": "en", "value": "The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device running the same version of the software, and does not appear to be changed with each new build. It is possible to reconstruct the decryption process using the hardcoded key material and obtain easy access to otherwise protected data."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-30T19:06:06", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://seclists.org/fulldisclosure/2020/Jun/31"}, {"tags": ["x_refsource_MISC"], "url": "https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/158254/Cellebrite-EPR-Decryption-Hardcoded-AES-Key-Material.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-14474", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device running the same version of the software, and does not appear to be changed with each new build. It is possible to reconstruct the decryption process using the hardcoded key material and obtain easy access to otherwise protected data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://seclists.org/fulldisclosure/2020/Jun/31", "refsource": "MISC", "url": "http://seclists.org/fulldisclosure/2020/Jun/31"}, {"name": "https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt", "refsource": "MISC", "url": "https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt"}, {"name": "http://packetstormsecurity.com/files/158254/Cellebrite-EPR-Decryption-Hardcoded-AES-Key-Material.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/158254/Cellebrite-EPR-Decryption-Hardcoded-AES-Key-Material.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:46:34.615Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2020/Jun/31"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/158254/Cellebrite-EPR-Decryption-Hardcoded-AES-Key-Material.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-14474", "datePublished": "2020-06-30T18:03:50", "dateReserved": "2020-06-19T00:00:00", "dateUpdated": "2024-08-04T12:46:34.615Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cellebrite:ufed:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AA835CD-4CD7-4CCF-8206-420F2B9E179B", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cellebrite:ufed_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACF4CF22-C1AC-4F58-A9D2-969AD080C29D", "versionEndIncluding": "7.5.0.845", "versionStartIncluding": "5.0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device running the same version of the software, and does not appear to be changed with each new build. It is possible to reconstruct the decryption process using the hardcoded key material and obtain easy access to otherwise protected data."}, {"lang": "es", "value": "El dispositivo f\u00edsico Cellebrite UFED versiones 5.0 h??asta 7.5.0.845, se basa en material de clave embebido tanto dentro del c\u00f3digo ejecutable que admite el proceso de descifrado como dentro de los archivos cifrados mediante el uso de una t\u00e9cnica de envoltura de clave. El material de clave recuperado es el mismo para todos los dispositivos que ejecutan la misma versi\u00f3n del software, y no parece ser cambiado con cada nueva compilaci\u00f3n. Es posible reconstruir el proceso de descifrado mediante el uso de material de clave embebido y obtener un f\u00e1cil acceso a los datos protegidos de otra manera"}], "id": "CVE-2020-14474", "lastModified": "2020-07-10T14:26:37.413", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-30T19:15:11.397", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/158254/Cellebrite-EPR-Decryption-Hardcoded-AES-Key-Material.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/Jun/31"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}