Hexens disclosed that Aptos has fixed a vulnerability that could affect infrastructure such as cross-chain bridges and stablecoins.

robot
Abstract generation in progress

Jinse Finance reported that on July 5, blockchain security company Hexens disclosed that earlier this year, in February, it found a serious vulnerability in the Aptos blockchain’s Move Virtual Machine (Move VM). Hexens said it completed the fix within hours after filing the report, with no loss of funds.

Hexens stated that the vulnerability stemmed from a caching-handling defect, which could lead to a type confusion vulnerability. In theory, an attacker could use it to gain high-privilege roles such as stablecoin minting, cross-chain bridges, and DeFi protocols. The research team used servers worth roughly $3,000 to set up a simulated environment close to the mainnet, tested the exploit path about 20 times, and succeeded about 17 to 18 times. They also assessed that the vulnerability could potentially affect about $250 million in Aptos native TVL. If it were to further impact infrastructure such as cross-chain bridges, stablecoins, and centralized exchanges, the theoretical systemic risk exposure could be as high as about $70 billion.

Aptos, however, said that the vulnerability has an extremely low degree of exploitability in real-world environments. It also stated that it had completed the fix promptly through a bug bounty program, and that it did not affect any users or funds.

APT-1.66%
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned