Vulnerabilities In Major Self-Encrypting SSDs Allow Encryption Bypass and Affect Bitlocker


Solid State Drives or SSDs serve as a convenient method to store data. They become safer when they offer self-encryption. These devices offer hardware encryption, eliminating the need for encryption software. However, some researchers have discovered security flaws in the firmware of major self-encrypting SSDs that could allow an attacker to bypass disk encryption and access the data.

Self-Encrypting SSDs Hit By Vulnerabilities

Researchers from the Radboud University have discovered vulnerabilities in some Solid State Drives that could allow an attacker to bypass disk encryption. This includes self-encrypting SSDs from prominent vendors such as Samsung and Crucial.

As explained in their paper, they found critical security flaws in several hardware encryption devices that make the data vulnerable to hacks. These flaws let an attacker steal data without any password or private keys.

“We found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret.”

In their study, the researchers took three different SSD models as test. These include Crucial (Micron) MX100, MX200, and MX300 internal hard disks, Samsung T3 and T5 USB external disks; and Samsung 840 EVO and 850 EVO internal hard disks. As explained, they chose these devices since the combined produce by the vendors makes up around half of the SSDs sold in the market.

The duo focused on “machine off, awareness” attacker model in their study, where the victim is aware of an attacker’s physical access to a powered-off machine. After assessing the firmware of test devices, they found various flaws posing security threats. These flaws mainly existed in the ATA security and TCG Opal implementations.

What’s more troublesome is that the vulnerabilities also affect Windows’ BitLocker, which supports hardware encryption when available.

“BitLocker, the full-disk encryption software built into Microsoft Windows, switches off software encryption and completely relies on hardware encryption by default if the drive advertises support.

It means that BitLocker users also remain exposed to the threats unwittingly.

As explained by National Cyber Security Centre (NCSC), Netherlands, in their advisory [translated],

“Researchers have detected multiple vulnerabilities in implementations of the TCG Opal standard with SEDs. These vulnerabilities are known under CVE-2018-12037 and CVE-2018-12038.

-CVE-2018-12037: There is no cryptographic link between the given password end user and the key used for the encryption of user data.

-CVE-2018-12038: Key information is stored on a wear-leveled storage chip.”

The products affected by CVE-2018-12037 include Crucial (Micron) MX100, MX200, and MX300 drives; Samsung T3 and T5 portable drives, and Samsung 840 EVO and 850 EVO (only in “ATA high” mode). Whereas, CVE-2018-12038 affected Samsung 840 EVO drives.

Any Mitigations?

The researchers, Carlo Meijer and Bernard van Gastel, have compiled a detailed research paper presenting their findings, which will be finalized after peer-review. For now, they have shared the initial draft on the Radboud University website.

Besides, they duly informed the respective vendors of the vulnerabilities, and publicly disclosed their findings after the standard disclosure period. Consequently, Samsung and Crucial (Micron) have released patches for the flaws in their respective self-encrypting SSDs.

Microsoft has also released a security advisory to guide users about setting up software-only encryption with BitLocker.

However, it is highly likely that the drives from other vendors may also suffer these vulnerabilities. Therefore, as possible mitigation, the researchers recommend using software-level disk encryption.

“If sensitive data needs to be protected, it is in any case advisable to use software encryption and not rely solely on hardware encryption.”

While talking to LHN, Garry McCracken, VP Technology at WinMagic, advised us;

“The original paper claims that the security of the drive depends on the quality of the implementation. It can vary from drive to drive and manufacturer to manufacturer. Users should ask their supplier (e.g. PC OEM, etc.) If their particular models have known vulnerabilities and if there are any firmware updates to address them. If users do have drives where the cryptographic keys used to encrypt and decrypt the data are not derived from the owner’s supplied credentials, AND there is no firmware fix available, then consider encrypting these drives with software encryption, like SecureDoc from WinMagic.”

Take your time to comment on this article.


Please enter your comment!
Please enter your name here