2 matches found
CVE-2022-30330
In the KeepKey firmware before 7.3.2,Flaws in the supervisor interface can be exploited to bypass important security restrictions on firmware operations. Using these flaws, malicious firmware code can elevate privileges, permanently make the device inoperable or overwrite the trusted bootloader...
CVE-2022-30330
KeepKey firmware prior to 7.3.2 is affected. The issue stems from flaws in the supervisor interface, specifically improper handling of the svhandler_flash_* address range checks in lib/board/supervise.c, which can allow malicious firmware to bypass firmware-operation restrictions, elevate privile...