Description
An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0.99.96i allows attackers to view sensitive information and decrypt data via a brute force attack that uses a recovered samourai.dat file. The PIN is 5 to 8 digits, which may be insufficient in this situation.
Published: 2023-03-03
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2021-23284 An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0.99.96i allows attackers to view sensitive information and decrypt data via a brute force attack that uses a recovered samourai.dat file. The PIN is 5 to 8 digits, which may be insufficient in this situation.
History

Fri, 07 Mar 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Samourai-wallet-android Project Samourai-wallet-android
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-03-07T17:21:33.795Z

Reserved: 2021-07-12T00:00:00.000Z

Link: CVE-2021-36689

cve-icon Vulnrichment

Updated: 2024-08-04T01:01:58.227Z

cve-icon NVD

Status : Modified

Published: 2023-03-04T00:15:15.273

Modified: 2024-11-21T06:13:55.077

Link: CVE-2021-36689

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses