2 matches found
CVE-2023-23304
The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a specially crafted head section to use the Toybox.SensorHistory module without permission. A malicious application could call any functions from the Toybox.SensorHistory module without the user's consent a...
PT-2023-18899 · Garmin · Ciq Api +1
Name of the Vulnerable Software and Affected Versions: GarminOS TVM component in CIQ API versions 2.1.0 through 4.1.7 Description: The issue allows applications with a specially crafted head section to use the Toybox.SensorHistory module without permission. A malicious application could call any...