SRAM dump via glitching the firmware update #28
Closed
tsusanka
announced in
Past Security Issues
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Details
Using a special glitching hardware an attacker could trick the device processor into Read Protection level 1 which allows readout of RAM. The issue was fixed by not storing sensitive data in RAM during the firmware update.
Fix
trezor/trezor-firmware@07231d9
Read more
Official blogpost
Beta Was this translation helpful? Give feedback.
All reactions