Lucene search
K

9 matches found

The Hacker News
The Hacker News
added yesterday5 views

Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched

Researchers at Ledger's Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card's password to anything the attacker picks. No old password. No backup card. Once it is reset, whoever did it controls the wallet and...

6.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-7815

Malicious code in bioql PyPI...

3.2CVSS6.6AI score0.00339EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/09 1:50 a.m.8 views

CVE-2025-27839

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation genuineness check that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible...

3.2CVSS6.9AI score0.00339EPSS
Exploits0References1
OSV
OSV
added 2025/03/08 12:15 a.m.5 views

CVE-2025-27839

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation genuineness check that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible...

3.2CVSS6.9AI score0.00339EPSS
Exploits0References3
NVD
NVD
added 2025/03/08 12:15 a.m.9 views

CVE-2025-27839

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation genuineness check that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible...

3.2CVSS0.00339EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.2 views

Tangem 安全漏洞

Tangem is a native Kotlin library for the Android and JVM platforms open sourced by Tangem. A security vulnerability exists in Tangem versions prior to 5.18.3, which stems from a flawed logic in offline wallet authentication that could result in the results being ignored...

3.2CVSS6.8AI score0.00339EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/03/07 12:0 a.m.4 views

CVE-2025-27839

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation genuineness check that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible...

3.2CVSS7.2AI score0.00339EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/07 12:0 a.m.10 views

CVE-2025-27839

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation genuineness check that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible...

3.2CVSS0.00339EPSS
Exploits0References3
CVE
CVE
added 2025/03/07 12:0 a.m.72 views

CVE-2025-27839

The CVE affects Tangem SDK for Android (before 5.18.3) in AttestationTask.kt, where offline wallet genuineness check logic can cause verification results to be disregarded on the first card scan. The issue is limited to the first scan flow and exploitation may not have been possible; upgrading to...

3.2CVSS7.2AI score0.00339EPSS
Exploits0References3
Rows per page
Query Builder