PT-2018-9575 · Bitpay · Copay Bitcoin Wallet

Fallingsnow

Publicado

2018-12-20

Atualizado

2020-08-24

CVE-2018-1000851

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Copay Bitcoin Wallet versions 5.01 through 5.1.0

Description The issue concerns the storage of wallet private keys, which can be compromised. This can occur when the affected version runs malicious code at startup. It is estimated that a significant number of users may be affected, although the exact number is not specified. The vulnerability appears to have been addressed in version 5.2.0 and later.

Recommendations For Copay Bitcoin Wallet versions 5.01 through 5.1.0, update to version 5.2.0 or later to resolve the issue.

Exploit

Correção

Insufficiently Protected Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522

Identificadores relacionados

CVE-2018-1000851

Produtos afetados

Copay Bitcoin Wallet

PT-2018-9575 · Bitpay · Copay Bitcoin Wallet

CVE-2018-1000851

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6