CVE-2023-27892

LOW

3.8CVSS v3

—CVSS v2

0.19% EPSS (exploit probability)

CWE-125CWE

Description

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With physical access to a PIN-unlocked device, attackers can extract the BIP39 mnemonic secret from the hardware wallet.

CVSS v3 vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE