Security:Important security updates

From Trezor Wiki
Jump to: navigation, search
Trezor Wiki/Security/ Important security updates

Important security updates are updates for Trezor device firmware by SatoshiLabs. These updates bring better security for Trezor users.

History of Trezor important security firmware updates:

29 October 2018 - Firmware update 1.7.1 (Trezor One)[edit]

The firmware update implements fixes to vulnerabilities found in bech32_decode and cash_decode functions. Christian Reitter and Dr. Jochen Hoenicke disclosed the vulnerabilities on 26th September 2018 and 24th October 2018, respectively.

While not affecting the security of protected data, these vulnerabilities could potentially open possibilities for a denial of service-type attack-which would turn the device off.

For more information about this firmware update see also this blog.

30 August 2018 - Firmware update 1.6.3 (Trezor One)[edit]

This update expanded the scope of the firmware update 1.6.1. This vulnerability was reported by Sunny. Security update in firmware 1.6.1 could be extended to cover for another attack vector of the same type.

Therefore SatoshiLabs made the MPU rules stricter in this update, preventing another class of potential attacks. To reflect the improvements, this firmware update updates bootloader as well.

For more information about this firmware update see also this blog.

25 June 2018 - Firmware updates 1.6.2 (Trezor One)[edit]

The firmware update contained security improvements by efforts of Christian Reitter and Jochen Hoenicke.

For more information about this firmware update see also this blog.

21 March 2018 - Firmware update 1.6.1 (Trezor One)[edit]

Incident: STM32F205 chip issue

Detail: The bootloader memory write-protection is not working as intended in the STM32F205, which is used in the Trezor One. The issue was solved by activating the Memory Protection Unit, keeping the bootloader safe from unauthorized write-access.

This vulnerability was reported by Saleem Rashid and was fixed in 35 days.

For more information about this firmware update see also this blog and trezor security past incidents timeline

16 August 2017 - Firmware update 1.5.2 (Trezor One)[edit]

Incident: SRAM memory access

Detail: The SRAM was not cleared on soft reset, allowing extraction using special firmware and direct access to the device board.

This vulnerability was reported by Sunny and was fixed in 8 days.

For more information about this firmware update see also this blog and trezor security past incidents timeline


Note In June 2017, SatoshiLabs were contacted by Josh Datko and Chris Quartier, regarding a theoretical fault attack vector, by glitching the clock or VCC of the device. Josh and Chris presented their findings at DEFCON, and Satoshilabs team incorporated their recommendations in the firmware version 1.5.1.


26 March 2015 - Firmware update 1.3.3 (Trezor One)[edit]

Incident: Possible key extraction with an oscilloscope

Detail: With physical access to the device and an oscilloscope, the private key could have been extracted from the device.

This vulnerability was reported by Jochen Hoenicke and was fixed in 4 days.

For more information see also this trezor security past incidents timeline

23 February 2015 - Firmware update 1.3.1 (Trezor One)[edit]

Incident: SpendMultisig malicious change in transaction

Detail: A specially crafted multisig transaction could contain a change output of an attacker, which wasn't confirmed by the user.

This vulnerability was reported by Nicolas Bacca and was fixed in 1 day.

For more information see also this trezor security past incidents timeline

30 July 2014 - Firmware update 1.2.0 (Trezor One)[edit]

Incident: Malicious ScriptSig in transaction

Detail: A specially crafted transaction could extract the private key. Knowledge of PIN and passphrase was required.

This vulnerability was reported by Nicolas Bacca and was fixed in 4 hours.

For more information see also this trezor security past incidents timeline

Like Trezor? Get one here!