VYPR

Trezor One

by Trezor

CVEs (2)

  • CVE-2020-14199Jun 16, 2020
    risk 0.00cvss epss 0.01

    BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed…

  • CVE-2019-14353Aug 8, 2019
    risk 0.00cvss epss 0.00

    On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the…