122 matches found
WastedLocker: technical analysis
The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month, sometimes even more often. On July 23, Garmin, a major manufacturer of navigation equipment and smart devices, including smart watches and bracelets, experience...
A Cyberattack on Garmin Disrupted More Than Workouts
A ransomware hit and subsequent outage caused problems in the company’s aviation services, including flight planning and mapping...
Ransomware attack on fitness devices maker Garmin cripples operation
By Waqas Garmin ransomware attack not only disrupted its operation but... This is a post from HackRead.com Read the original post: Ransomware attack on fitness devices maker Garmin cripples operation...
Smartwatch Maker Garmin Shuts Down Services After Ransomware Attack
Garmin, the maker of fitness trackers, smartwatches and GPS-based wearable devices, is currently dealing with a massive worldwide service interruption after getting hit by a targeted ransomware attack, an employee of the company told The Hacker News on condition of anonymity. The company's websit...
Smartwatch Maker Garmin Shuts Down Services After Ransomware Attack
Garmin, the maker of fitness trackers, smartwatches and GPS-based wearable devices, is currently dealing with a massive worldwide service interruption after getting hit by a targeted ransomware attack, an employee of the company told The Hacker News on condition of anonymity. The company's websit...
UPDATED: Garmin Suffers Reported Ransomware Attack
Garmin, maker of fitness trackers, smartwatches and GPS-related products, has reportedly suffered a widespread ransomware attack — though the facts around the cause remain unconfirmed for now. The manufacturer tweeted on Thursday that its Garmin Connect service is down; Garmin is a free app for...
garmin.cz XSS vulnerability
Open Bug Bounty ID: OBB-578762 Description| Value ---|--- Affected Website:| garmin.cz Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
my.garmin.com Cross Site Request Forgery vulnerability
Vulnerable URL: https://my.garmin.com/mygarmin/customers/updateCustomerInfo.faces Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| Cross Site Request Forgery Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...
sso.garmin.com Open Redirect vulnerability
Vulnerable URL: https://sso.garmin.com/sso/?service=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check sso.garmin.com SS...
sso.garmin.com XSS vulnerability
Vulnerable URL: https://sso.garmin.com/sso/resetPassword?service=xss=olaxpw-conctmodern008=true=casLoginView"wsf=1 Details: Description| Value ---|--- Patched:| Yes, at 03.01.2018 Latest check for patch:| 03.01.2018 06:19 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alex...
sso.garmin.com Open Redirect vulnerability
Vulnerable URL: https://sso.garmin.com/sso/login?service=https://www.openbugbounty.org=olaxpw-conctmodern008=true Details: Description| Value ---|--- Patched:| Yes, at 23.08.2017 Latest check for patch:| 23.08.2017 11:55 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly...
connect.garmin.com XSS vulnerability
Vulnerable URL: https://connect.garmin.com/modern/oauthConfirm?hl=ruRUtoken=85698b8a-b4b9-44d7-9ebb-4004db6a8c9acallback=https://www.strava.com/oauth/garminconnect/authorize" Details: Description| Value ---|--- Patched:| Yes, at 17.03.2017 Latest check for patch:| 17.03.2017 08:11 GMT Vulnerabili...
Garmin Connect™ Mobile - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Garmin Connect™ Mobile published at the 'play' market has multiple vulnerabilities...
Garmin Smartphone Link - Customized SSL, Exported components, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Garmin Smartphone Link published at the 'play' market has multiple vulnerabilities...
Garmin Mechanic™ - External URLs, SD-card access, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application Garmin Mechanic™ published at the 'play' market has multiple vulnerabilities...
Garmin HUD Europe - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Garmin HUD Europe published at the 'play' market has multiple vulnerabilities...
CVE-2009-0194
The domain-locking implementation in the GARMINAXCONTROL.GarminAxControlt.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that 1 download and 2 upload requests come from a web site specified by the user, which allows remote...
CVE-2009-0194
The domain-locking implementation in the GARMINAXCONTROL.GarminAxControlt.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that 1 download and 2 upload requests come from a web site specified by the user, which allows remote...
CVE-2009-0194
CVE-2009-0194 affects Garmin Communicator Plug-In 2.6.4.0 (npGarmin.dll, GARMINAXCONTROL.GarminAxControl_t.1 ActiveX). The domain-locking mechanism does not properly enforce that download/upload requests originate from a user-specified site, enabling a synchronisation error that can lead to unaut...
KLA10172 Vulnerability in Garmin Communicator Plugin
An improper restriction was found in Garmin Communicator Plug-In. By exploiting this vulnerability malicious users can obtain sensitive information or reconfigure GPS device. This vulnerability can be exploited remotely via unspecified vectors. Original advisories - Related products...