VAR-201908-0921

Vulnerability from variot - Updated: 2024-11-23 22:37

On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. Unauthorized attackers can exploit the vulnerability to obtain sensitive information about affected components. This vulnerability stems from configuration errors in network systems or products during operation. (The last two sentences appear to be generic aggregator wording: the record below classifies the issue as CWE-203, an observable-discrepancy side channel, and its CVSS v3 vector gives a physical attack vector (AV:P), which matches the power-measurement scenario described above rather than a configuration error.)


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0921",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nano s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ledger",
        "version": null
      },
      {
        "model": "nano x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ledger",
        "version": null
      },
      {
        "model": "nano s",
        "scope": null,
        "trust": 0.8,
        "vendor": "ledger sas",
        "version": null
      },
      {
        "model": "nano x",
        "scope": null,
        "trust": 0.8,
        "vendor": "ledger sas",
        "version": null
      },
      {
        "model": "sas nano s",
        "scope": null,
        "trust": 0.6,
        "vendor": "ledger",
        "version": null
      },
      {
        "model": "sas nano",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ledger",
        "version": "x"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-14354"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:ledger:nano_s_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:ledger:nano_x_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      }
    ]
  },
  "cve": "CVE-2019-14354",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "CVE-2019-14354",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "CNVD-2019-41835",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "VHN-146292",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 0.9,
            "id": "CVE-2019-14354",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-14354",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-14354",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-41835",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201908-660",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-146292",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "db": "VULHUB",
        "id": "VHN-146292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-660"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-14354"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device\u0027s USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. Unauthorized attackers can exploit the vulnerability to obtain sensitive information about affected components. This vulnerability stems from configuration errors in network systems or products during operation",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-14354"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "db": "VULHUB",
        "id": "VHN-146292"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-14354",
        "trust": 3.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-660",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-146292",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "db": "VULHUB",
        "id": "VHN-146292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-660"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-14354"
      }
    ]
  },
  "id": "VAR-201908-0921",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "db": "VULHUB",
        "id": "VHN-146292"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:37:44.285000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "OLED screen (minor) vulnerability",
        "trust": 0.8,
        "url": "https://ledger-donjon.github.io/oled-vuln/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-203",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-200",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-146292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-14354"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://ledger-donjon.github.io/oled-vuln/"
      },
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14354"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14354"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "db": "VULHUB",
        "id": "VHN-146292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-660"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-14354"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "db": "VULHUB",
        "id": "VHN-146292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-660"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-14354"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-11-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "date": "2019-08-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-146292"
      },
      {
        "date": "2019-08-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "date": "2019-08-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201908-660"
      },
      {
        "date": "2019-08-10T16:15:10.770000",
        "db": "NVD",
        "id": "CVE-2019-14354"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-11-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-41835"
      },
      {
        "date": "2019-08-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-146292"
      },
      {
        "date": "2019-08-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      },
      {
        "date": "2019-08-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201908-660"
      },
      {
        "date": "2024-11-21T04:26:34.487000",
        "db": "NVD",
        "id": "CVE-2019-14354"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ledger Nano S and  Nano X device Vulnerable to information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008033"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-660"
      }
    ],
    "trust": 0.6
  }
}

