Beware of phishing attacks, Ledger will never ask for the 24 words of your recovery phrase. Never share them. Learn more

Bluetooth protocol vulnerability

A vulnerability in the Bluetooth protocol has been disclosed that affects a wide range of Bluetooth devices. The flaw applies to BLE (Bluetooth Low Energy) to a lesser extent, possibly including the Ledger Nano X. We take this disclosure very seriously and are investigating its effects. 

Even if the BLE connection were to be compromised, the private keys providing access to your crypto assets can never leave the device. We recommend installing the latest updates for your smartphone to prevent the vulnerability from being exploited. Most major manufacturers have already released a patch.

Please be reminded that: 

  • Only public data is transported by Bluetooth; critical data such as private keys and recovery phrase never leave the device.
  • Even if the Bluetooth connection would be hacked, the security of the Ledger Nano X relies on the Secure Element (SE) which will request your consent for any action.
  • If ever, you’re not comfortable using your Ledger Nano X with a wireless connection, you can disable Bluetooth and use the USB cable.

Learn more about the Ledger Nano X Bluetooth security model in this blog post.

Was this article helpful?