Atlas21
  • ‎
No Result
View All Result
Atlas21
No Result
View All Result
Atlas21
Home Bitcoin

Vulnerability discovered in Trezor Safe devices by Ledger team

Newsroom by Newsroom
March 17, 2025
in Bitcoin
Scoperta vulnerabilitĂ  nei dispositivi Trezor Safe grazie al team di Ledger
Share on FacebookShare on TwitterShare on Linkedin

The Ledger open-source research team has discovered and reported a vulnerability in Trezor’s Safe 3 and Safe 5 devices.

According to a post published on X on March 12, the Ledger open-source research team, known as Ledger Donjon, identified a flaw in the microcontrollers of Trezor’s Safe 3 and Safe 5 models. Despite Trezor’s recent security improvements, Ledger found that cryptographic operations can still be performed on the microcontroller, potentially exposing the devices to more “advanced attacks”.

At @Ledger, you might know that we have the @DonjonLedger, our dedicated team constantly conducting open security research.

We recently worked with Trezor, revealing that their Trezor Safe 3 was susceptible to physical supply chain attacks. Here's a thread on our findings:đź§µ pic.twitter.com/CORDOQWRYg

— Charles Guillemet (@P3b7_) March 12, 2025

Charles Guillemet, Chief Technology Officer at Ledger, stated:

“We believe that making the ecosystem more secure helps everyone, and is critical as we push towards broader adoption of crypto and digital assets.”

Trezor had already implemented Secure Elements (SE)—chips designed to protect users’ PIN codes and cryptographic secrets—since earlier Trezor devices could be compromised by modifying the running software, potentially allowing attackers to steal users’ funds. According to Ledger, this implementation “effectively hinders any low-cost hardware attack, particularly voltage glitching,” ensuring users’ funds remain protected even if the device is lost or stolen.

However, Ledger identified another potential attack vector originating from the microcontroller, the other main component of Trezor’s dual-chip design in the Safe 3 and 5 models. Trezor implemented firmware integrity checks to detect modified software, but Ledger demonstrated that an attacker can still bypass this security measure.

Source: Ledger

Trezor confirmed on X that users’ funds remain safe and no action is required. However, when asked whether the issue could be fixed via a firmware update, the hardware wallet provider responded:

Hi, unfortunately not. In cybersecurity, the golden rule is simple: nothing is fully unbreakable. That’s why we have already implemented a multi-layer defense against supply chain attacks and always advise our users to purchase from official sources.

— Trezor (@Trezor) March 12, 2025
Previous Post

The strategic Bitcoin reserve is for businesses, not for states

Next Post

Russia: the Central Bank opens crypto trading to qualified investors

Latest News

Tuscany Lightning Summit 2025: LN come linguaggio comune dell’ecosistema Bitcoin
Bitcoin

Tuscany Lightning Summit 2025: LN as a common language of the Bitcoin ecosystem

by Newsroom
May 9, 2025
0

Report on the event dedicated to Bitcoin protocol's main layer 2, organized by Fulgur Ventures.

Read moreDetails
stablecoin
Crypto

Meta considers stablecoin integration: the tech giant returns to the crypto world

by Newsroom
May 9, 2025
0

Social media giant Meta is exploring stablecoins for payments across its platforms.

Read moreDetails
arizona
Bitcoin

Arizona grabs abandoned bitcoins: the State reserve is born

by Newsroom
May 9, 2025
0

Arizona launches its Bitcoin and digital asset reserve fund by signing House Bill 2749, which allows the state to claim...

Read moreDetails
bitcoin
Bitcoin

Florida says no to Bitcoin: state treasury bills withdrawn

by Newsroom
May 9, 2025
0

Florida drops proposals for Bitcoin investments, while other U.S. states continue the race for a strategic reserve.

Read moreDetails
samourai wallet
Bitcoin

Samourai Wallet vs. the authorities: allegations of evidence concealment

by Newsroom
May 6, 2025
0

The co-founders of Samourai Wallet claim that federal prosecutors concealed FinCEN guidance that would have cleared them of the charges.

Read moreDetails
Atlas21

© 2025 Atlas21

Navigate Site

  • About
  • Home
  • Feature
  • Bitcoin
  • Careers
  • Opinion
  • Interviews
  • Privacy Policy
  • News
  • Learn
  • B2B
  • Press
  • Cookie Policy

Follow Us

No Result
View All Result
  • News
  • Interviews
  • Learn
  • Feature
  • Services
  • Adoption
  • ‎
    • ‎

© 2025 Atlas21

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site, we will assume that you are happy with it.AcceptCookie