The Ledger open-source research team has discovered and reported a vulnerability in Trezor’s Safe 3 and Safe 5 devices.
According to a post published on X on March 12, the Ledger open-source research team, known as Ledger Donjon, identified a flaw in the microcontrollers of Trezor’s Safe 3 and Safe 5 models. Despite Trezor’s recent security improvements, Ledger found that cryptographic operations can still be performed on the microcontroller, potentially exposing the devices to more “advanced attacks”.
Charles Guillemet, Chief Technology Officer at Ledger, stated:
“We believe that making the ecosystem more secure helps everyone, and is critical as we push towards broader adoption of crypto and digital assets.”
Trezor had already implemented Secure Elements (SE)—chips designed to protect users’ PIN codes and cryptographic secrets—since earlier Trezor devices could be compromised by modifying the running software, potentially allowing attackers to steal users’ funds. According to Ledger, this implementation “effectively hinders any low-cost hardware attack, particularly voltage glitching,” ensuring users’ funds remain protected even if the device is lost or stolen.
However, Ledger identified another potential attack vector originating from the microcontroller, the other main component of Trezor’s dual-chip design in the Safe 3 and 5 models. Trezor implemented firmware integrity checks to detect modified software, but Ledger demonstrated that an attacker can still bypass this security measure.
Trezor confirmed on X that users’ funds remain safe and no action is required. However, when asked whether the issue could be fixed via a firmware update, the hardware wallet provider responded:
