11 matches found
Ledger多款产品 安全漏洞
The Ledger Nano X, among others, are products of the French company Ledger. The Ledger Nano X is a hardware wallet for cryptocurrency assets. The Ledger Flex is a touch-screen hardware wallet for cryptocurrency assets. The Ledger Stax is a curved electronic ink-screen hardware wallet for...
CVE-2019-14354
On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might ...
Ledger SAS Ledger Monero app information disclosure vulnerability
Ledger SAS Ledger Monero app is an application for Ledger eWallet device management from Ledger SAS, France. A security vulnerability exists in the Ledger SAS Ledger Monero app versions prior to 1.5.1 for Ledger Nano and Ledger S devices. An attacker could exploit the vulnerability by sending a...
CVE-2020-6861
A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices allows a local attacker to extract the master spending key by sending crafted messages to this app selected on a PIN-entered Ledger connected to a host PC...
Design/Logic Flaw
A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices allows a local attacker to extract the master spending key by sending crafted messages to this app selected on a PIN-entered Ledger connected to a host PC...
CVE-2019-14354
On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might ...
Code injection
On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might ...
CVE-2019-14354
Ledger Nano S/Nano X suffer a side‑channel risk from the row‑based OLED display: power consumption per display cycle correlates with illuminated pixels, enabling partial recovery of display contents (e.g., PIN or BIP39 mnemonic) if an attacker can monitor USB power while secret data is shown. Thi...
CVE-2019-14354
On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might ...
Ledger SAS Nano S and Nano X Information Disclosure Vulnerability
The Ledger SAS Nano S and Nano X are both an e-wallet device for storing cryptocurrencies from French company Ledger SAS. An information disclosure vulnerability exists in the Ledger SAS Nano S and Nano X, which can be exploited by an unauthorized attacker to obtain sensitive information about...
Cryptocurrency Wallet Hacks Spark Dustup
LEIPZIG, GERMANY – Hardware based cryptocurrency wallets may not be as secure as promised. That’s the judgement of Dmitry Nedospasov, Thomas Roth and Josh Datko who together presented their research at a session here at the 35c3 conference called “wallet.fail.” In the talk the researchers...