Donjon's Trezor Safe 3 evaluation

Reportada en November 12, 2024

Ledger Donjon evaluated our Trezor Safe Family and successfully reused a previously known attack to demonstrate how some countermeasures against supply chain attacks in Trezor Safe 3 can be bypassed. Trezor Safe 5 is not affected because it uses a more recent microcontroller designed to be more resilient to similar attacks.

Reportada por Ledger Donjon

Post en nuestro blog

Trezor Safe 3

Vulnerabilidades solucionadas

Reportada por la comunidad. Investigada. Solucionada. Porque tu seguridad no es una opción.

Missing confirmation in the ECDHSessionKey call
November 26, 2023
XSS in Trezor Connect legacy versions
February 7, 2023
Insufficient field size check in Protobuf
July 12, 2021
XSS in Trezor Connect
August 3, 2020
Missing path isolation check
July 14, 2020
Malicious change in mixed transactions
March 7, 2020