Markak

**Name of the Vulnerable Software and Affected Versions** Samsung Blockchain Keystore versions prior to 1.3.13.5 **Description** The issue is related to a Protection Mechanism Failure in the bc tui trustlet, allowing a local attacker to execute arbitrary code. **Recommendations** For versions prior to 1.3.13.5, update to version 1.3.13.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Samsung Blockchain Keystore versions prior to 1.3.12.1 **Description** The issue is related to an Out-of-bounds Write vulnerability that occurs while processing the `BC TUI CMD SEND RESOURCE DATA` command in the `bc tui` trustlet. This vulnerability allows a local attacker to execute arbitrary code. **Recommendations** For versions prior to 1.3.12.1, update to version 1.3.12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `bc tui` trustlet to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Samsung Blockchain Keystore versions prior to 1.3.12.1 **Description** The issue is related to an Out-of-bounds Read while processing BC TUI CMD UPDATE SCREEN in the bc tui trustlet. This allows a local attacker to read arbitrary memory. **Recommendations** For versions prior to 1.3.12.1, update to version 1.3.12.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Samsung Blockchain Keystore versions prior to 1.3.12.1 **Description** The issue is related to an Out-of-bounds Read vulnerability that occurs while processing `CMD COLDWALLET BTC SET PRV UTXO` in the `bc core` trustlet. This allows a local attacker to read arbitrary memory. **Recommendations** For versions prior to 1.3.12.1, update to version 1.3.12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `bc core` trustlet to minimize the risk of exploitation.