Filtered by vendor Ledger
Subscriptions
Filtered by product Flex
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-15645 | 1 Ledger | 3 Flex, Nano X, Stax | 2026-05-20 | 4.6 Medium |
| Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the reset_handler parameter during firmware flashing. An attacker can provide a crafted reset_handler address pointing to invalid memory or attacker-controlled code to cause the device to enter an unrecoverable fault state during boot, resulting in permanent loss of operability. | ||||
Page 1 of 1.