Security researchers from Ledger’s Donjon team have uncovered a critical hardware vulnerability in Tangem hardware wallet cards, allowing attackers to reset device passwords using a targeted laser beam. The finding, disclosed on July 10, 2026, raises serious questions about the physical security of non-updatable cryptocurrency storage devices.
The attack exploits a laser fault injection technique, a well-documented method in hardware security but rarely demonstrated against commercial crypto wallets. By precisely directing a nanosecond laser pulse at the secure element chip, an attacker can induce temporary faults that bypass the firmware check verifying the card’s authorized recovery state. This effectively allows the SetPin instruction to accept a new password without requiring the existing one or a backup card.
The exploit requires physical possession of the target card, specialized laboratory equipment costing approximately $250,000, side-channel analysis tools, and expert knowledge. Ledger Donjon reproduced the attack on multiple cards, with each attempt taking about two hours of preparation and exploitation time. Once the password is reset, an attacker gains full control of the wallet and can sign transactions to drain funds.
Perhaps most concerning is that the vulnerability cannot be patched on existing cards. Tangem wallets are non-programmable smart cards, meaning their firmware is permanently embedded during manufacturing. Affected users can only mitigate the risk by physically securing their cards — keeping them in safes or tamper-evident enclosures.
Tangem has downplayed the findings, stating that the risk to everyday users is “virtually non-existent” due to the extreme resources required. In a response posted on X, the company noted that “...while Ledger Donjon presents itself as an independent research unit, it operates within Ledger, one of our largest competitors. Their findings should be read with that in mind.” The firm also emphasized that any secure element’s firmware can eventually be reverse-engineered given enough time and funding.
This incident underscores a broader debate in cryptocurrency security: the trade-off between convenience and upgradability. Traditional USB-style hardware wallets, like Ledger’s own devices, support firmware updates and can often patch vulnerabilities post-release. Card-based wallets sacrifice this flexibility for a slimmer form factor, leaving them exposed to hardware-level exploits that emerge after deployment. The disclosure is likely to reignite discussions on hardware wallet security standards and the importance of built-in countermeasures such as voltage sensors and active shielding.