Ledger's security research team Donjon disclosed a security vulnerability in Tangem hardware wallets. Research shows that after obtaining the physical card, an attacker can use lab-grade laser fault injection to bypass the recovery state check in the firmware, reset the wallet PIN, and sign transactions. Ledger stated that this attack requires chip decapping, approximately $250k worth of lab equipment, and professional expertise, and cannot be performed remotely. However, because Tangem's firmware is not upgradeable, this vulnerability cannot be fixed via a firmware update.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned