PT-2024-24606 · Tillitis · Tillitis Tkey Signer Device Application

Volokitinss · Published 2024-04-23 · Updated 2024-04-24 · CVE-2024-32482

CVSS v3.1: 2.2 (Low)
Vector: AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Tillitis TKey signer device application versions prior to 1.0.0

Description: A vulnerability has been found in the Tillitis TKey signer device application, an Ed25519 signing tool, which makes it possible to disclose portions of the TKey's data in RAM over the USB interface. To exploit the vulnerability, an attacker needs to use a custom client application and touch the TKey. No secret is disclosed.

Recommendations: For versions prior to 1.0.0, upgrade to version 1.0.0 to receive a fix. At the moment, there is no information about other workarounds for this issue.

Weakness Enumeration

Out of bounds Read
Time Of Check To Time Of Use

Related Identifiers

CVE-2024-32482
GHSA-FRQC-62HV-379P

Affected Products

Tillitis Tkey Signer Device Application