VYPR
← All advisories
High severityNVD Advisory· Published Feb 8, 2021· Updated Aug 3, 2024

CVE-2021-25834

CVE-2021-25834

Description

Cosmos Network Ethermint <= v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Cosmos Network Ethermint <= v0.4.0 contains a transaction replay vulnerability due to insufficient nonce check in the EVM module.

Vulnerability

Cosmos Network Ethermint versions up to v0.4.0 are affected by a transaction replay vulnerability in the EVM module. The root cause is an insufficient nonce check in the AnteHandler, where the nonce verification only ensures the transaction nonce is greater than the account sequence (<) rather than an exact equality (!=) [1][4]. This allows transactions with arbitrarily large nonces to pass the initial validation.

Exploitation

To exploit this vulnerability, an attacker monitors the network for a transaction from a victim that uses a very large nonce. Because the nonce check only requires the transaction nonce to be greater than the account's current sequence, the attacker can replay that same transaction after it has been included in a block. The signature verification also uses the nonce from the transaction data, so the replayed transaction remains valid [4].

Impact

A successful attack allows unauthorized replay of a victim's transaction, potentially leading to repeated fund transfers or unintended contract executions, depending on the transaction's content [1].

Mitigation

The issue was fixed in Ethermint version v0.4.1, which changed the nonce check to explicitly require the transaction nonce to equal the account sequence [2][3]. Users should upgrade to v0.4.1 or later to prevent this vulnerability.

References
  1. NVD - CVE-2021-25834
  2. Fix nonce issue for replay attack (#692) · cosmos/ethermint@d7bdbd7
  3. Release v0.4.1 · cosmos/ethermint
  4. Weak noncecheck lead to replay of transactions

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/cosmos/ethermintGo
< 0.4.10.4.1

Affected products

3

Patches

1
d7bdbd748864

Fix nonce issue for replay attack (#692)

https://github.com/cosmos/ethermintDaniel ChoiJan 9, 2021via ghsa
commit
3 files changed · +10 8
  • app/ante/eth.go+1 1 modified
    @@ -257,7 +257,7 @@ func (nvd NonceVerificationDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, sim
 	// if multiple transactions are submitted in succession with increasing nonces,
 	// all will be rejected except the first, since the first needs to be included in a block
 	// before the sequence increments
-	if msgEthTx.Data.AccountNonce < seq {
+	if msgEthTx.Data.AccountNonce != seq {
 		return ctx, sdkerrors.Wrapf(
 			sdkerrors.ErrInvalidSequence,
 			"invalid nonce; got %d, expected %d", msgEthTx.Data.AccountNonce, seq,
  • CHANGELOG.md+2 0 modified
    @@ -44,6 +44,8 @@ Ref: https://keepachangelog.com/en/1.0.0/
 
 ### Bug Fixes
 
+* (evm) [\#687](https://github.com/cosmos/ethermint/issues/687) Fix nonce check to explicitly check for the correct nonce, rather than a simple 'greater than' comparison. 
+* (api) [\#687](https://github.com/cosmos/ethermint/issues/687) Returns error for a transaction with an incorrect nonce. 
 * (evm) [\#674](https://github.com/cosmos/ethermint/issues/674) Reset all cache after account data has been committed in `EndBlock` to make sure every node state consistent.
 * (evm) [\#672](https://github.com/cosmos/ethermint/issues/672) Fix panic of `wrong Block.Header.AppHash` when restart a node with snapshot.
  • rpc/namespaces/eth/api.go+7 7 modified
    @@ -1000,16 +1000,16 @@ func (api *PublicEthereumAPI) generateFromArgs(args rpctypes.SendTxArgs) (*evmty
 		gasPrice = big.NewInt(ethermint.DefaultGasPrice)
 	}
 
-	if args.Nonce == nil {
-		// get the nonce from the account retriever and the pending transactions
-		nonce, err = api.accountNonce(api.clientCtx, args.From, true)
-	} else {
-		nonce = (uint64)(*args.Nonce)
-	}
-
+	// get the nonce from the account retriever and the pending transactions
+	nonce, err = api.accountNonce(api.clientCtx, args.From, true)
 	if err != nil {
 		return nil, err
 	}
+	if args.Nonce != nil {
+		if nonce != (uint64)(*args.Nonce) {
+			return nil, fmt.Errorf(fmt.Sprintf("invalid nonce; got %d, expected %d", (uint64)(*args.Nonce), nonce))
+		}
+	}
 
 	if args.Data != nil && args.Input != nil && !bytes.Equal(*args.Data, *args.Input) {
 		return nil, errors.New("both 'data' and 'input' are set and not equal. Please use 'input' to pass transaction call data")

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

5

News mentions

0

No linked articles in our index yet.