Ledger Highlights Ongoing Vulnerabilities in Trezor Safe Hardware Wallets Despite Security Upgrades
In the rapidly evolving field of crypto asset security, hardware wallet manufacturers consistently strive to outpace potential security threats. Yet even advanced devices can remain susceptible, particularly when faced with sophisticated physical attacks targeting components deep within their design. According to recent research by Ledger Donjon—the cybersecurity analysis division of hardware wallet provider Ledger—Trezor’s latest range of Safe devices still suffers from potential vulnerabilities linked to their underlying microcontrollers.
Enhanced Security Measures Still Fall Short
Ledger’s latest research, detailed in a blog post published on March 12, closely examines the Trezor Safe models, lauded by the manufacturer for incorporating advanced security features. Notably, these devices utilise a dual-chip setup, including a certified Secure Element (Optiga Trust M), which securely handles sensitive cryptographic keys and PIN codes. While acknowledging this architectural improvement, Ledger cautions that crucial cryptographic processes still depend heavily on the device’s main microcontroller, exposing it to significant vulnerabilities.
Ledger’s analysis underscores that Trezor’s microcontroller, labelled TRZ32F429, is essentially a repackaged STM32F429 chip—an off-the-shelf microcontroller with known security flaws. According to Ledger’s research team, this particular microcontroller family remains susceptible to voltage glitching attacks, allowing adversaries to gain unauthorized read and write access to the device’s flash memory.
Practical Risks: Software-Based Exploitation Possible
Ledger experts highlighted that despite the presence of anti-tampering measures within Trezor Safe devices, these protections may not be sufficient against sophisticated attackers. They assert it would merely be “a matter of time and engineering effort” before malicious actors could exploit these vulnerabilities practically.
More critically, the researchers point out that these attacks could potentially be executed purely through software manipulation, rendering traditional detection methods—whether cryptographic validation or visual inspection—ineffective.
Supply Chain Attacks: Persistent Threat
One of Ledger’s most pressing concerns revolves around supply chain security—where compromised devices can find their way to end-users without detection. Such attacks could exploit the identified microcontroller vulnerabilities during manufacturing or distribution stages, undermining trust even before a device reaches consumers.
Ledger’s report warns explicitly that the vulnerabilities identified within Trezor’s microcontroller facilitate stealthy supply chain attacks. Given their subtlety, these breaches may evade typical safeguards, reinforcing the need for rigorous vigilance from manufacturers and consumers alike.
Trezor Responds: Reassurance Amid Criticism
Responding swiftly to Ledger’s revelations, Trezor addressed user concerns through its official X account. The company reassured customers that their cryptocurrency holdings remain secure, describing Ledger Donjon’s attack methodology as a variant of previously known vulnerabilities. According to Trezor’s statement, Ledger’s research merely "bypassed some of our newer countermeasures against supply chain attacks," emphasizing that the findings did not represent a fundamentally novel threat vector.
Continued Vigilance Required
While acknowledging Trezor’s advancements in hardware security, Ledger’s report ultimately reinforces that security is an ongoing process rather than a static achievement. Hardware wallet developers must continually refine their strategies against increasingly advanced physical and software-based attacks, particularly those targeting subtle weaknesses embedded in device architectures.
As Ledger’s findings highlight, the crypto community must remain attentive, aware that no single security solution is infallible. Vigilance, proactive security testing, and transparent communication will continue to be essential components of protecting users’ assets from sophisticated and evolving threats.