s::can versions 4.2 and above, and s::mini versions 4.8 and above are not affected by this issue. s::can and s::mini are the recommended way to secure your assets. With s::can, you can encrypt your assets before storing them on the device, and with s::mini, you can protect your assets with a PIN. With either of these protection methods, you can be sure that no one but you can access your assets.
To protect against this vulnerability, upgrade to a version of s::can or s::mini that was released after the year 2010. If you are still using an older version, you should upgrade.
What is S-Can?
S-Can is a software for securing digital assets. It uses encryption to protect data from being accessed by unauthorized parties. S-Can can also protect your assets from being removed or copied from the device where they are stored, even if the device is lost or stolen.
How to Protect Assets Against CVE-2020-12508
To protect against this vulnerability, upgrade to a version of s::can or s::mini that was released after the year 2010. If you are still using an older version, you should upgrade.
There is a flaw in the way that versions 4.2 and above of s::can and s::mini store user-entered PINs. A malicious party who manages to gain access to your device can use this flaw to recover their PIN and access your assets without your permission.
How to check if you are vulnerable
To check if you are vulnerable, click on the "verify" button:
If your version of SysCAN is vulnerable, an error will appear in the console.
How to upgrade to a version of s::can or s::mini released after the year 2010
Step 1: Download the latest version of s::can or s::mini from our website.
Step 2: Install the software on a computer or Mac, and then copy the downloaded file to your external drive.
Step 3: Connect your external drive to your device, turn on the device, and open s::can or s::mini.
Upon launching, you will be prompted to upgrade from older versions of s::can or s::mini. Simply select "yes" and follow the instructions on screen.
Timeline
Published on: 11/15/2022 21:15:00 UTC
Last modified on: 11/15/2022 21:56:00 UTC