CVE-2023-27892 LOW

Vendor N/A
Product N/A
Published May 2, 2023
Last update January 30, 2025

CVSS base score

3.8/10
Attack vector Physical
Attack complexity High
Privileges required High
User interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

CVSS vector

CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01 Description

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or to crash the device. The precondition is physical access to a device that has already been PIN-unlocked (hence AV:P and PR:H in the vector); under that condition an attacker can extract the BIP39 mnemonic, the seed secret from which every key on the wallet is derived. Note that the published vector scores availability as None even though the description also lists a device crash; the 3.8 score counts only the confidentiality impact. The remedy is to update to firmware 7.7.0 or later.
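The following is a constructed model of the bug class described above, added here as an illustration; it is not KeepKey firmware code and does not reproduce the real cf_confirmExecTx() logic. It assumes a fixed-size global prompt buffer that happens to be followed in RAM by sensitive data, a handler that fills that buffer from a message field whose length the sender controls, and a screen routine that renders the buffer as a C string. Device memory is simulated as a single byte array so the program stays within defined behaviour; the offsets, names and the "secret" are all made up.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated device RAM (assumption: layout chosen for the demo). */
#define RAM_SIZE    256
#define CONFIRM_OFF 0    /* global buffer holding the confirmation prompt */
#define CONFIRM_MAX 32   /* its declared size                             */
#define SECRET_OFF  32   /* what happens to sit right after it in .bss    */

static uint8_t ram[RAM_SIZE];
static const char SECRET[] = "abandon ability able about above absent";

/* Decoded message field: `len` comes straight from the wire. */
struct msg_field { const uint8_t *data; size_t len; };

/* Reset the model: empty prompt, secret parked directly after it. */
void device_reset(void)
{
    memset(ram, 0, sizeof ram);
    memcpy(ram + SECRET_OFF, SECRET, sizeof SECRET);   /* copies the NUL too */
}

/* Vulnerable: trusts f->len and never terminates. len > CONFIRM_MAX clobbers
 * whatever follows the buffer; len == CONFIRM_MAX leaves no NUL, so the
 * display routine walks straight into the neighbouring secret. */
int confirm_text_vuln(const struct msg_field *f)
{
    memcpy(ram + CONFIRM_OFF, f->data, f->len);
    return 0;
}

/* Hardened: reject anything that does not fit together with its NUL. */
int confirm_text_fixed(const struct msg_field *f)
{
    if (f->len >= CONFIRM_MAX)
        return -1;                     /* refuse the message, show nothing */
    memcpy(ram + CONFIRM_OFF, f->data, f->len);
    ram[CONFIRM_OFF + f->len] = '\0';
    return 0;
}

/* Screen routine as naive firmware writes it: unbounded C string. */
const char *screen_text(void)
{
    return (const char *)(ram + CONFIRM_OFF);
}

/* Bounded rendering: never reads past the declared buffer size. */
size_t screen_text_fixed(char *out, size_t outsz)
{
    size_t n = strnlen((const char *)(ram + CONFIRM_OFF), CONFIRM_MAX);
    if (n >= outsz)
        n = outsz - 1;
    memcpy(out, ram + CONFIRM_OFF, n);
    out[n] = '\0';
    return n;
}

/* Does the prompt, as the naive screen routine renders it, expose the secret? */
bool leaks_secret(void)
{
    return strstr(screen_text(), SECRET) != NULL;
}

/* Was the secret overwritten by the copy? (the corruption/crash variant) */
bool secret_corrupted(void)
{
    return memcmp(ram + SECRET_OFF, SECRET, sizeof SECRET) != 0;
}

/* Reset the model, then drive one handler with `len` bytes of 'A'. */
int run_handler(int (*handler)(const struct msg_field *), size_t len)
{
    static uint8_t filler[RAM_SIZE];
    memset(filler, 'A', sizeof filler);
    if (len > RAM_SIZE - CONFIRM_OFF)
        len = RAM_SIZE - CONFIRM_OFF;  /* keep the simulation in bounds */
    struct msg_field f = { filler, len };
    device_reset();
    return handler(&f);
}

int main(void)
{
    size_t lens[] = { 16, CONFIRM_MAX, 40 };   /* short, boundary, overlong */
    char shown[CONFIRM_MAX + 1];
    for (size_t i = 0; i < 3; i++) {
        run_handler(confirm_text_vuln, lens[i]);
        printf("vuln  len=%zu leak=%d corrupt=%d screen=\"%s\"\n", lens[i],
               (int)leaks_secret(), (int)secret_corrupted(), screen_text());
        int rc = run_handler(confirm_text_fixed, lens[i]);
        screen_text_fixed(shown, sizeof shown);
        printf("fixed len=%zu rc=%d leak=%d screen=\"%s\"\n", lens[i], rc,
               (int)leaks_secret(), shown);
    }
    return 0;
}
```

Build with `cc -std=c11 -Wall demo.c`. The three lengths show the two outcomes the advisory lists: a field of exactly CONFIRM_MAX bytes leaves the buffer unterminated, so the naive screen routine prints the adjacent secret (the memory disclosure); a field of 40 bytes overwrites the neighbour instead (the corruption that, in real firmware, ends in a crash or worse). The hardened handler refuses both and only accepts fields that fit with their terminator, and the bounded renderer caps the read at the buffer's declared size regardless of what the handler did.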

Key dates

02 Disclosure timeline

May 2, 2023 CVE published
January 30, 2025 Record updated