Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
keepkey keepkey firmware vulnerabilities and exploits
(subscribe to this query)
6.6
CVSSv3
CVE-2022-30330
In the KeepKey firmware prior to 7.3.2,Flaws in the supervisor interface can be exploited to bypass important security restrictions on firmware operations. Using these flaws, malicious firmware code can elevate privileges, permanently make the device inoperable or overwrite the t...
Keepkey Keepkey Firmware
9.8
CVSSv3
CVE-2019-18671
Insufficient checks in the USB packet handling of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow out-of-bounds writes in the .bss segment via crafted messages. The vulnerability could allow code execution or other forms of impact. It can be triggered by unauth...
Keepkey Keepkey Firmware
8.8
CVSSv3
CVE-2021-31616
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware prior to 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereum_extractThorchainSwapData() in ethereum.c can circumvent stack protections and lead to code execution. The vuln...
Shapeshift Keepkey Firmware
7.5
CVSSv3
CVE-2019-18672
Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow a partial reset of cryptographic secrets to known values via crafted messages. Notably, this breaks the security of U2F for new server registrations and invalidat...
Shapeshift Keepkey Firmware
5.7
CVSSv3
CVE-2023-27892
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware prior to 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or cra...
Shapeshift Keepkey Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started