ShapeShift Security Update

Our update on the KeepKey Vulnerability Disclosure.

ShapeShift
Dec 4, 2019 · 2 min read

On September 19th, 2019 we released an update to KeepKey’s firmware. Firmware version 6.2.2 contains fixes for 9 different vulnerabilities that were reported by researcher Christian Reitter via ShapeShift’s Responsible Disclosure Program. Two of these vulnerabilities are described in the following CVEs:

You can read more details about the two vulnerabilities on MITRE’s website once they’re fully published. All 9 vulnerabilities were fixed in KeepKey Firmware 6.2.2 which was released on September 19th, 2019.

Update to KeepKey Firmware 6.2.2

In the meantime, to ensure KeepKey can keep your coins as safe as possible, always make sure you’re using the latest version of KeepKey’s firmware. Instructions for doing this are available on our website.

Our Responsible Disclosure Program

If you’re a security researcher who has found what you believe to be a bug or vulnerability in any of ShapeShift’s products or services, don’t hesitate to submit it to ShapeShift’s Security Team via our Responsible Disclosure Program.

ShapeShift Stories

ShapeShift Stories: Sharing cryptocurrency education, news…

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store