CVE-2023-21511

Name of the Vulnerable Software and Affected Versions Samsung Blockchain Keystore versions prior to 1.3.12.1

Description The issue is related to an Out-of-bounds Read vulnerability that occurs while processing CMD COLDWALLET BTC SET PRV UTXO in the bc core trustlet. This allows a local attacker to read arbitrary memory.

Recommendations For versions prior to 1.3.12.1, update to version 1.3.12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the bc core trustlet to minimize the risk of exploitation.