Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.10 views

CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...

7.5CVSS6.5AI score0.00552EPSS
Exploits1References1
Circl
Circl
added 2024/02/08 9:31 p.m.25 views

CVE-2024-23660

creationtimestamp| type| source ---|---|--- 2024-02-08 21:31:56+00:00| seen| https://t.me/ctinow/181641 2024-02-15 19:17:08+00:00| seen| https://t.me/ctinow/185797 2024-02-15 20:16:27+00:00| seen| https://t.me/BitLenta/25052 2024-02-15 21:31:24+00:00| published-proof-of-concept|...

7.5CVSS7.1AI score0.00552EPSS
Exploits1References9
VulnCheck KEV
VulnCheck KEV
added 2024/02/08 12:0 a.m.10 views

VulnCheck KEV: CVE-2024-23660

The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July...

7.5CVSS7.1AI score0.00552EPSS
Exploits1References1
CVE
CVE
added 2024/02/08 12:0 a.m.75 views

CVE-2024-23660

The CVE-2024-23660 entry concerns Binance Trust Wallet for iOS (version 0.0.4). The root cause is misuse of the trezor-crypto library, causing mnemonic words to be generated with device time as the sole entropy source. This leads to predictable mnemonics and potential theft of funds, with real-wo...

7.5CVSS7.2AI score0.00552EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder