Lucene search
K

18 matches found

Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.12 views

PT-2026-32627

A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant...

4.6CVSS6AI score0.00246EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.6 views

Trezor多款产品 安全漏洞

Trezor One, among others, is a product of the Czech Republic-based Trezor company. Trezor One is a digital currency wallet device. Trezor T is a hardware cryptocurrency wallet device. Trezor Safe is also a hardware cryptocurrency wallet device. Several Trezor products have security vulnerabilitie...

4.6CVSS5.9AI score0.00246EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-5569

Malware in sbrugna...

4.2CVSS4.7AI score0.00374EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:43 p.m.5 views

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

6.5CVSS6.9AI score0.00846EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 a.m.4 views

CVE-2019-14353

On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might b...

4.2CVSS6.6AI score0.00374EPSS
Exploits1References1
OSV
OSV
added 2022/02/01 5:44 p.m.24 views

GSD-2022-1000069 Hardware glitching attack in Trezor One Hardware Wallet version Unknown

The Trezor Hardware Wallet One based on the ARM Cortex-M3-based STM32 F2 uses the RDP2 security level by default in SDP2 RAM cannot be copied, but the security can be downgraded to RDP1 where the contents of memory can be copied via glitch injection during device power on. Please note although th...

7.1AI score
Exploits0References2
OSV
OSV
added 2020/06/16 6:15 p.m.4 views

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

6.5CVSS5.8AI score0.00846EPSS
Exploits0References1
NVD
NVD
added 2020/06/16 6:15 p.m.15 views

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

6.5CVSS0.00846EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/16 5:7 p.m.30 views

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

6.5AI score0.00846EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/06/16 12:0 a.m.3 views

PT-2020-13926

Name of the Vulnerable Software and Affected Versions: Trezor One versions prior to 1.9.1 Trezor Model T versions prior to 2.3.1 Description: The issue in the Bitcoin protocol specification, specifically BIP-143, mishandles the signing of a Segwit transaction. This allows attackers to trick a use...

6.5CVSS6.5AI score0.00846EPSS
Exploits0References3
CNVD
CNVD
added 2019/08/12 12:0 a.m.1 views

Trezor One Information Disclosure Vulnerability

Trezor One is a digital currency wallet device. An information disclosure vulnerability exists in Trezor One devices prior to version 1.8.2. The vulnerability stems from errors such as configuration during operation of a networked system or product. An unauthorized attacker could exploit the...

4.2CVSS6.1AI score0.00374EPSS
Exploits1References1
OSV
OSV
added 2019/08/08 7:15 p.m.2 views

CVE-2019-14353

On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might b...

4.2CVSS5.8AI score0.00374EPSS
Exploits1References1
NVD
NVD
added 2019/08/08 7:15 p.m.16 views

CVE-2019-14353

On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might b...

4.2CVSS4.3AI score0.00374EPSS
Exploits1References1
Prion
Prion
added 2019/08/08 7:15 p.m.8 views

Design/Logic Flaw

On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might b...

1.9CVSS4.4AI score0.00374EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/08/08 6:52 p.m.20 views

CVE-2019-14353

On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might b...

4.3AI score0.00374EPSS
Exploits1References1
CVE
CVE
added 2019/08/08 6:52 p.m.50 views

CVE-2019-14353

CVE-2019-14353 (Trezor One) : A side-channel vulnerability was identified in the row-based OLED display on Trezor One devices when running versions prior to 1.8.2. The power consumption of each display cycle correlates with the number of illuminated pixels, enabling a potential attacker with USB ...

4.2CVSS4.3AI score0.00374EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/08/08 12:0 a.m.4 views

PT-2019-13632 · Trezor · Trezor One

Name of the Vulnerable Software and Affected Versions: Trezor One versions prior to 1.8.2 Description: A side channel was found in the row-based OLED display of Trezor One devices, allowing a partial recovery of display contents based on power consumption. This could potentially be exploited by a...

4.2CVSS6.9AI score0.00374EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2018/12/31 2:34 p.m.14 views

Cryptocurrency Wallet Hacks Spark Dustup

LEIPZIG, GERMANY – Hardware based cryptocurrency wallets may not be as secure as promised. That’s the judgement of Dmitry Nedospasov, Thomas Roth and Josh Datko who together presented their research at a session here at the 35c3 conference called “wallet.fail.” In the talk the researchers...

7.2AI score
Exploits0References13
Rows per page
Query Builder