44 matches found
CVE-2023-23301
The news MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that string resources are not extending past the end of the expected sections. A malicious CIQ application could craft a string that starts near the end of a section, and whose length extends past its end. Upon...
CVE-2023-23304
The CVE-2023-23304 entry concerns GarminOS CIQ/TVM (Garmin Connect IQ): CIQ API versions 2.1.0 through 4.1.7 allow a specially crafted head section to access the Toybox.SensorHistory module without user consent, enabling a malicious app to call functions in that module and potentially disclose pr...
CVE-2023-23300
The Toybox.Cryptography.Cipher.initialize API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the...
CVE-2023-23306
CVE-2023-23306 affects Garmin Connect IQ (CIQ) API: Toybox.Ant.BurstPayload.add in CIQ API versions 2.2.0 through 4.1.7 suffers a type confusion leading to an out-of-bounds write. A malicious app could craft a Toybox.Ant.BurstPayload object, call add, override arbitrary memory, and hijack firmwar...