VYPR
Unrated severityNVD Advisory· Published Feb 14, 2023· Updated Mar 20, 2025

CVE-2023-25758

CVE-2023-25758

Description

Onekey Touch devices through 4.0.0 and Onekey Mini devices through 2.10.0 allow man-in-the-middle attackers to obtain the seed phase. The man-in-the-middle access can only be obtained after disassembling a device (i.e., here, "man-in-the-middle" does not refer to the attacker's position on an IP network). NOTE: the vendor states that "our hardware team has updated the security patch without anyone being affected."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Onekey/Onekey Touch, Onekey Minidescription
  • Birddog/Minillm-fuzzy
    Range: <=2.10.0
  • Drupac/Touchllm-fuzzy
    Range: <=4.0.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.