CertiK recently discovered a critical bootloader vulnerability in Solana Phone

2023-11-15 21:50:57

Collection

ChainCatcher news, CertiK recently discovered a critical bootloader vulnerability in the Solana Phone. CertiK testing experts successfully jailbroke the device within a minute and emptied all assets on it in just a few steps.

The vulnerability stems from an insecure bootloader unlocking feature. In addition to stealing user assets, it also exposes all personal data stored on the device. Since early April, over 2,100 devices have been at severe risk.

Given the complexity of the vulnerability and the necessity of physical access, CertiK has informed Solana of the vulnerability and publicly released this vulnerability alert. CertiK emphasizes that this vulnerability is not limited to the Solana Phone and advises relevant projects and developers to take immediate action to strengthen bootloader protection.

(Source Link)

Related tags

CertiK Solana Phone

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.

2024-11-28 22:49

CertiK: Can assist in verifying the reserves of stablecoin issuer Circle elsewhere

2024-11-25 19:40

Data: Polter Finance attackers have deposited 220 ETH into Ethereum

2024-11-19 16:05

CertiK: The reason for the DEXX incident is improper management of private keys by the project team

2024-11-16 14:20

Related tags

CertiK Solana Phone

Mention the project

Solana High-performance underlying blockchain