Skip to content

Commit

Permalink
Adding Recovery of Disk Contains Sensitive Material
Browse files Browse the repository at this point in the history
  • Loading branch information
RRudder committed Mar 17, 2024
1 parent ebf7339 commit c8e35bd
Showing 1 changed file with 21 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# Recovery of Disk Contains Sensitive Material

## Overview of the Vulnerability

The device's storage medium fails to adequately delete data when a factory reset is performed due to a flaw in the process. An attacker with access to the storage medium post-reset can recover and exploit the sensitive information.

## Business Impact

The incomplete deletion of sensitive data during a factory reset poses a substantial risk of data breaches. If exploited, this vulnerability can lead to the unauthorized disclosure of confidential information, undermining customer trust and violating privacy regulations. The consequent legal, financial, and reputational damages can significantly impact the organization's standing and operations.

## Steps to Reproduce

1. Perform a factory reset on the device to initiate the data removal process.
2. Access the storage medium of the device after the reset.
3. Use {{tool}} to retrieve previously stored sensitive information.

## Proof of Concept (PoC)

The following screenshot(s) demonstrate(s) this vulnerability:

{{screenshot}}

0 comments on commit c8e35bd

Please sign in to comment.