Search Results (1 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-15645 2 Ledger, Ledger-cli 4 Flex, Nano X, Stax and 1 more 2026-07-14 4.6 Medium
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the reset_handler parameter during firmware flashing. An attacker can provide a crafted reset_handler address pointing to invalid memory or attacker-controlled code to cause the device to enter an unrecoverable fault state during boot, resulting in permanent loss of operability.