Executive Summary

Title Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks
Name VU#231329 First vendor Publication 2020-11-10
Vendor VU-CERT Last vendor Modification 2020-11-16
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 6.8
Base Score 6.8 Environmental Score 6.8
impact SubScore 5.9 Temporal Score 6.8
Exploitabality Sub Score 0.9
Attack Vector Physical Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.6 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores



The Replay Protected Memory Block (RPMB) protocol found in several storage specifications does not securely protect against replay attacks. An attacker with physical access can deceive a trusted component about the status of an RPBM write command or the content of an RPMB area.


The RPMB protocol "...enables a device to store data in a small, specific area that is authenticated and protected against replay attack." RPMB is most commonly found in mobile phones and tablets using flash storage technology such as eMMC, UFS, and NVMe. The RPMB protocol allows an attacker to replay stale write failure messages and write commands, leading to state confusion between a trusted component and the contents of an RPMB area. Additional details are available in Replay Attack Vulnerabilities in RPMB Protocol Applications.


An attacker with physical access to a device can cause a mismatch between the write state or contents of the RPMB area and a trusted component of the device. These mismatches can lead to the trusted component believing a write command failed when in fact it succeeded, or the trusted component believing that certain content was written when in fact different content (unmodified by the attacker) was written. Further implications depend on the specific device and use of RPMB. At least one affected vendor has confirmed that denial of service


Please see the Vendor Information section below. Further vendor information is available in Replay Attack Vulnerabilities in RPMB Protocol Applications.


Rotem Sela and Brian Mastenbrook of Western Digital identified this vulnerability. Western Digital coordinated its disclosure with the affected vendors. Thanks Western Digital PSIRT!

This document was written by Eric Hatleback.

Original Source

Url : https://kb.cert.org/vuls/id/231329

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-294 Authentication Bypass by Capture-replay

CPE : Common Platform Enumeration

Os 1

Alert History

If you want to see full details history, please login or register.
Date Informations
2021-04-10 00:29:23
  • Multiple Updates
2021-04-09 21:29:50
  • Multiple Updates
2021-04-09 21:18:05
  • Multiple Updates
2021-03-26 17:29:10
  • Multiple Updates
2021-03-26 13:29:30
  • Multiple Updates
2021-03-26 13:17:55
  • Multiple Updates
2021-01-20 00:28:55
  • Multiple Updates
2021-01-19 21:29:33
  • Multiple Updates
2021-01-19 21:18:04
  • Multiple Updates
2020-11-25 00:28:42
  • Multiple Updates
2020-11-16 21:29:25
  • Multiple Updates
2020-11-16 21:17:57
  • Multiple Updates
2020-11-13 21:29:11
  • Multiple Updates
2020-11-13 21:17:56
  • Multiple Updates
2020-11-11 00:17:33
  • First insertion