CVE Vulnerability

CVE-2019-18671

Insufficient checks in the USB packet handling of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow out-of-bounds writes in the .bss segment via crafted messages. The vulnerability could allow code execution or other forms of impact. It can be triggered by unauthenticated attackers and the interface is reachable via WebUSB.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/keepkey/keepkey-firmware/commit/b222c66cdd7c3203d917c80ba615082d309d80c3 Patch Third Party Advisory
https://medium.com/shapeshift-stories/shapeshift-security-update-8ec89bb1b4e3 Third Party Advisory
https://medium.com/shapeshift-stories/keepkey-release-notes-v-6f7d2ec78065 Release Notes Third Party Advisory
https://blog.inhq.net/posts/keepkey-CVE-2019-18671/
Configurations

Configuration 1
Information

Published : 2019-12-06 06:15

Updated : 2020-02-12 03:15

NVD link : CVE-2019-18671

Mitre link : CVE-2019-18671

Products Affected

Keepkey

Keepkey Firmware

CWE
CWE-787