diff --git a/.changeset/tiny-dancers-smell.md b/.changeset/tiny-dancers-smell.md
new file mode 100644
index 000000000000..c22227eec66a
--- /dev/null
+++ b/.changeset/tiny-dancers-smell.md
@@ -0,0 +1,5 @@
+---
+"@ledgerhq/live-common": patch
+---
+
+Sanitize the bulk exchange payload from HSM before exchanging it with the device
diff --git a/libs/ledger-live-common/src/socket/index.ts b/libs/ledger-live-common/src/socket/index.ts
index 6e7b53f05c61..33d858f81973 100644
--- a/libs/ledger-live-common/src/socket/index.ts
+++ b/libs/ledger-live-common/src/socket/index.ts
@@ -189,17 +189,20 @@ export const createDeviceSocket = (
             await new Promise((resolve, reject) => {
               let i = 0;
               notify(0);
+              // if the bulk payload includes trailing empty strings we end up
+              // sending empty data to the device and causing a disconnect.
+              const cleanData = data
+                .map(d => (d !== "" ? Buffer.from(d, "hex") : null))
+                .filter(Boolean);
+
               // we also use a subscription to be able to cancel the bulk if the user unsubscribes
-              bulkSubscription = transport.exchangeBulk(
-                data.map(d => Buffer.from(d, "hex")),
-                {
-                  next: () => {
-                    notify(++i);
-                  },
-                  error: e => reject(e),
-                  complete: () => resolve(null),
+              bulkSubscription = transport.exchangeBulk(cleanData, {
+                next: () => {
+                  notify(++i);
                 },
-              );
+                error: e => reject(e),
+                complete: () => resolve(null),
+              });
             });
             if (unsubscribed) {
               log("socket", "unsubscribed before end of bulk");