Vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker

Several flaws exist within the CPSD crypto-pro secure disk's BitLocker feature, enabling root-level access and credential theft.

Several flaws were identified within CryptoPro Secure Disk (CPSD), an important tool employed by users seeking secure data protection through BitLocker's encryption feature.

Such weaknesses might enable someone who has direct contact with a system component to obtain sustained control over it and illicitly acquire confidential information.

Researchers at SEC Consult's Vulnerability Lab have uncovered critical vulnerabilities in their product, posing substantial threats to businesses using it for safeguarding sensitive information.

CVE CVSS Details

CVE-2025-10010 N/A Integrity bypass enables root code execution.

N/A N/A Cleartext /tmp data exposes credentials.

The CryptoPro Secure Disk loads an extremely lightweight version of Linux for user authentication before using BitLocker to unlock the Windows partition.

The Linux operating system is installed on an unprotected storage area of the disk, which may be accessed by unauthorized users if they have physical access to the computer's hardware components or use removable media for booting up the machine.

The system employs the Integrity Measurement Architecture of the Linux kernel for file verification; however, it was discovered by researchers that this architecture fails to authenticate specific configurations.

Execute Bash in interactive mode by piping its standard output and error streams through TCP connection to 192. Six hundred sixty-eight. Certainly! Here's an alternative version of your input without any changes: The year 20XX is represented by this code: XX/YY.

Through altering those documents, malicious actors gain control over system processes wielding elevated permissions. They might introduce an unintended path for intrusion while running programs undetected by causing no technical issues in their operation.

Product Vulnerable Versions Fixed Versions

The CPSD CryptoPro Secure Disk is less than seven units available. Six. Six is less than seven. Seven. The number 7 is listed as position 1 in this sequence. Six. Six divided by seven equals approximately zero point eight five-seven. Seven. Certainly! Here's an alternative version of your Absolutely clear: 2.

ClearText Storage of Sensitive Data

An additional matter at hand involves storing confidential information without encryption. If users lose access to their passwords, CryptoPro Secure Disk provides an internet-based assistance option which links them to a predetermined connection point.

As per SEC Consult's guidance, for seamless integration of components, the architecture encrypts critical data like digital credentials and login information into plain text format inside the 'temp' subdirectory located at '/tmp'.

Should an intruder have exploited the initial flaw in accessing the Linux system, it would be relatively straightforward for them to scrutinize those documents.

Unencrypted SSL/TLS certificates divulge wireless network login information and facilitate IEEE 802 security protocols. The 1x bypass is described in detail on this page (source: sec-consult).

Unencrypted SSL/TLS certificates reveal wireless network connections and facilitate 802. 1X authentication processes. The 1x bypass is sourced through sec-consult.

The data might subsequently enable unauthorized entry into secure systems or circumvent security measures, thereby jeopardizing organizational resources.

In early 2025, CPSD received notice about those problems, subsequently delivering updates. Editions 7. Six. Six and seven. Seven. Address the weaknesses.

Entities employing CryptoPro Secure Disk must upgrade their applications promptly. When updates cannot be done right away, the seller suggests securing the PBA section through encryption; this option has been included in versions after number seven. Six. Certainly! Here's an alternative version of the given Absolutely not.

Beginning at release number seven. This feature activates automatically, safeguarding against accidental changes to files.

The SEC Consult recommends conducting comprehensive security audits on an organization's encryption systems to uncover and rectify additional vulnerabilities.