Описание
The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. A malicious application embedding specially crafted resources could hijack the execution of the device's firmware.
Уязвимые конфигурации
Конфигурация 1Версия от 1.0.0 (включая) до 4.1.7 (включая)
cpe:2.3:a:garmin:connect-iq:*:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00356
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-120
CWE-120
Связанные уязвимости
CVSS3: 9.8
github
больше 2 лет назад
The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. A malicious application embedding specially crafted resources could hijack the execution of the device's firmware.
EPSS
Процентиль: 57%
0.00356
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-120
CWE-120