Zurück zum Sicherheitsportal
Donjon's Trezor Safe 3 evaluation
Gemeldet auf November 12, 2024
Ledger Donjon evaluated our Trezor Safe Family and successfully reused a previously known attack to demonstrate how some countermeasures against supply chain attacks in Trezor Safe 3 can be bypassed. Trezor Safe 5 is not affected because it uses a more recent microcontroller designed to be more resilient to similar attacks.
Behobene Sicherheitslücken
Gemeldet durch Community. Untersucht. Gelöst. Weil deine Sicherheit nie optional ist.
- Unauthenticated Remote DoS via xpub Change-Index Amplification19. Mai 2026
- Unauthenticated Remote Memory Exhaustion via Unbounded Timestamp Array19. Mai 2026
- Cross-Origin Popup Takeover in Trezor Connect popup3. Mai 2026
- Solana ALT recipient confirmation mismatch6. April 2026
- Solana account type misclassification6. April 2026
- Reflected cross-site scripting (XSS) vulnerability on connect.trezor.io via hash fragment script injection25. März 2026