CVE-2009-3200
Last modified
CVE-2009-3200 is a vulnerability of currently unknown severity. The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this variable, deobfuscating the key, and running a cryptsetup luksOpen command.. EPSS estimates a 0.40% chance of exploitation in the next 30 days.
Description
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this variable, deobfuscating the key, and running a cryptsetup luksOpen command.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qnap | Ts-239 Pro Turbo Nas | 2.1.7_0613 |
| Qnap | Ts-239 Pro Turbo Nas | 3.1.0_0627 |
| Qnap | Ts-239 Pro Turbo Nas | 3.1.1_0815 |
| Qnap | Ts-639 Pro Turbo Nas | 2.1.7_0613 |
| Qnap | Ts-639 Pro Turbo Nas | 3.1.0_0627 |
| Qnap | Ts-639 Pro Turbo Nas | 3.1.1_0815 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-3200?
How severe is CVE-2009-3200?
How do I fix CVE-2009-3200?
Are you affected by CVE-2009-3200?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST