CVE-2026-3671: Improper Authorization in Freedom Factory dGEN1
A flaw has been found in Freedom Factory dGEN1 up to 20260221. Affected by this vulnerability is the function TokenBalanceContentProvider of the component org.ethereumphone.walletmanager.testing123. Executing a manipulation can lead to improper authorization. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2026-3671 identifies an improper authorization vulnerability in Freedom Factory's dGEN1 product, affecting versions up to 20260221. The vulnerability resides in the TokenBalanceContentProvider function within the org.ethereumphone.walletmanager.testing123 component. This flaw allows an attacker with local access and low privileges to manipulate authorization checks, potentially gaining unauthorized access to token balance information or related wallet functions. The attack vector requires local access, meaning the attacker must have some level of access to the device or system running dGEN1. No user interaction is needed, and the exploit complexity is low. The vulnerability does not affect confidentiality, integrity, or availability at a high level but does present a risk of unauthorized data access or modification within the wallet manager. The vendor was contacted early but did not respond, and no patches or mitigations have been published. The CVSS 4.0 base score is 4.8, reflecting medium severity due to the local access requirement and limited scope. The vulnerability could be leveraged in scenarios where an attacker gains physical or local access to a device, such as through insider threats or compromised endpoints. The lack of vendor response and patch availability increases the risk for organizations relying on dGEN1 for Ethereum wallet management.
Potential Impact
The primary impact of CVE-2026-3671 is unauthorized access to token balance information and potentially other wallet-related data or functions within the dGEN1 product. This could lead to unauthorized disclosure of sensitive financial information or manipulation of wallet data. While the vulnerability does not directly enable remote exploitation or widespread denial of service, it poses a significant risk in environments where local access is possible, such as shared or compromised devices. For organizations, this could result in financial losses, reputational damage, and erosion of trust in blockchain wallet security. The medium severity score indicates moderate risk, but the exploitability without user interaction and low complexity means attackers with local access can reliably exploit the flaw. The absence of vendor patches or mitigations further elevates the threat. Organizations using dGEN1 in critical blockchain or financial applications should consider this vulnerability a notable risk, especially in environments with less stringent physical or local access controls.
Mitigation Recommendations
Given the lack of official patches or vendor response, organizations should implement strict local access controls to limit who can access devices running dGEN1. This includes enforcing strong device authentication, restricting physical access, and using endpoint security solutions to detect unauthorized local activity. Monitoring and logging local access attempts and wallet-related operations can help identify exploitation attempts. Employing application sandboxing or containerization may reduce the impact of local exploits by isolating the wallet manager. Organizations should also consider using alternative wallet management solutions with active vendor support and timely patching. Regular security audits and penetration testing focused on local privilege escalation and authorization bypass scenarios are recommended. Finally, educating users about the risks of local device compromise and enforcing policies against unauthorized device sharing can reduce exposure.
Affected Countries
United States, Germany, South Korea, Japan, United Kingdom, Canada, Singapore, Switzerland, Netherlands, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-03-06T20:53:38.372Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69ac9ca0c48b3f10ffcff620
Added to database: 3/7/2026, 9:46:08 PM
Last enriched: 3/15/2026, 12:58:36 AM
Last updated: 4/22/2026, 12:34:41 AM