PoC repository for CVE-2020-6861: Ledger Monero App Spend key Extraction
CVE-2020-6861: Ledger Monero App Spend key Extraction PoC repository for article: deadcodeme/blog/2020/04/25/Ledger-Monero-app-spend-key-extractionhtml
A flawed protocol design in the Ledger Monero app prior to 1.5.1 for Ledger Nano and Ledger S devices allows a local malicious user to extract the master spending key by sending crafted messages to this app selected on a PIN-entered Ledger connected to a host PC.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ledger monero |