CVE-2025-15645 | THREATINT

Description

Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the reset_handler parameter during firmware flashing. An attacker can provide a crafted reset_handler address pointing to invalid memory or attacker-controlled code to cause the device to enter an unrecoverable fault state during boot, resulting in permanent loss of operability.

PUBLISHED Reserved 2026-05-19 | Published 2026-05-19 | Updated 2026-05-20 | Assigner VulnCheck

MEDIUM: 4.6CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

MEDIUM: 5.1CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-1284 Improper Validation of Specified Quantity in Input

Product status

Default status

unaffected

Any version before 2.4.2

affected

Default status

unaffected

Any version before 1.2.2

affected

Default status

unaffected

Any version before 1.6.2

affected

Credits

Guanxing Wen finder

VulnCheck coordinator

References

donjon.ledger.com/lsb/021/ (Ledger Security Bulletin 021) vendor-advisory

www.vulncheck.com/...x-mcu-firmware-update-denial-of-service third-party-advisory

cve.org (CVE-2025-15645)

nvd.nist.gov (CVE-2025-15645)

Download JSON