diff --git a/Demos/Device/LowLevel/MassStorage/MassStorage.c b/Demos/Device/LowLevel/MassStorage/MassStorage.c
index ebb8e5c484d9f57d65b145cec8cd0fc4cc24486d..2c80fc595e7074aee3bb5ab6e77e9a0a66fa0029 100644
--- a/Demos/Device/LowLevel/MassStorage/MassStorage.c
+++ b/Demos/Device/LowLevel/MassStorage/MassStorage.c
@@ -256,6 +256,8 @@ static bool ReadInCommandBlock(void)
 	/* Verify the command block - abort if invalid */
 	if ((CommandBlock.Signature         != CBW_SIGNATURE) ||
 	    (CommandBlock.LUN               >= TOTAL_LUNS)    ||
+		(CommandBlock.Flags              & 0x1F)          ||
+		(CommandBlock.SCSICommandLength == 0)             ||
 		(CommandBlock.SCSICommandLength >  MAX_SCSI_COMMAND_LENGTH))
 	{
 		/* Stall both data pipes until reset by host */
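Review bot: The mask `0x1F` in the added `Flags` test leaves bit 5 unchecked. As far as I recall, the Bulk-Only Transport spec reserves bits 5..0 of bmCBWFlags, and bit 6 is obsolete and must also be zero. If the spec confirms that, `(CommandBlock.Flags & 0x3F) ||` would cover the whole reserved field, and `0x7F` would cover everything except the direction bit. The same literal is added in the library hunk for LUFA/Drivers/USB/Class/Device/MassStorage.c, so both should change together. Whichever mask is kept, the bare constant deserves a comment such as `/* reserved bmCBWFlags bits must be zero */`. ReadInCommandBlock starts and ends outside this hunk.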
diff --git a/LUFA/Drivers/USB/Class/Device/MassStorage.c b/LUFA/Drivers/USB/Class/Device/MassStorage.c
index ceb4b9647d3b734e8a262a81ccfa13c4d0d18c43..f7f3fd9f232d121d41569f572d2b24e280716afb 100644
--- a/LUFA/Drivers/USB/Class/Device/MassStorage.c
+++ b/LUFA/Drivers/USB/Class/Device/MassStorage.c
@@ -149,6 +149,8 @@ static bool MS_Device_ReadInCommandBlock(USB_ClassInfo_MS_Device_t* const MSInte
 
 	if ((MSInterfaceInfo->State.CommandBlock.Signature         != MS_CBW_SIGNATURE)                  ||
 	    (MSInterfaceInfo->State.CommandBlock.LUN               >= MSInterfaceInfo->Config.TotalLUNs) ||
+		(MSInterfaceInfo->State.CommandBlock.Flags              & 0x1F)                              ||
+		(MSInterfaceInfo->State.CommandBlock.SCSICommandLength == 0)                                 ||
 		(MSInterfaceInfo->State.CommandBlock.SCSICommandLength >  16))
 	{
 		Endpoint_StallTransaction();
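Review bot: Nothing in this hunk says what the widened condition rejects, and the line before the `if` is blank. A comment above it would help, e.g. `/* Reject CBWs with a bad signature, out-of-range LUN, reserved flag bits set, or a command length outside 1..16 */`. These fields come from the USB host, and the length bound presumably guards the later read of the SCSI command bytes, which is outside the hunk, so the intent should be stated where the check lives. The new `== 0` test also sits next to the literal `16`, whereas the demo hunk uses `MAX_SCSI_COMMAND_LENGTH`; a named constant here would make the accepted range easier to read.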