Lucene search
GoogleOSV:CVE-2020-6861HistoryMay 06, 2020 - 2:15 p.m.
CVE-2020-6861
2020-05-0614:15:11
Google
osv.dev
2
A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices allows a local attacker to extract the master spending key by sending crafted messages to this app selected on a PIN-entered Ledger connected to a host PC.
| CPE | Name | Operator | Version |
|---|---|---|---|
| app-monero | eq | 1.2.0 | |
| app-monero | eq | 1.4.0-alpha1 | |
| app-monero | eq | 1.1.0 | |
| app-monero | eq | 1.1.3 | |
| app-monero | eq | Beta1 | |
| app-monero | eq | 1.4.0-alpha2 | |
| app-monero | eq | 1.2.2 | |
| app-monero | eq | Beta4 | |
| app-monero | eq | 1.1.1 | |
| app-monero | eq | Beta2 |
Related
cvelist
cvelist
CVE-2020-6861
2020-05-06 13:15:31
prion
prion
Design/Logic Flaw
2020-05-06 14:15:00
cve
cve
CVE-2020-6861
2020-05-06 14:15:11
nvd
nvd
CVE-2020-6861
2020-05-06 14:15:11