The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware.
References
Configurations
History
21 Nov 2024, 07:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://developer.garmin.com/connect-iq/api-docs/Toybox/Graphics/BufferedBitmap.html#initialize-instance_function - Product | |
References | () https://developer.garmin.com/connect-iq/compatible-devices/ - Product | |
References | () https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23298.md - Exploit |
30 May 2023, 16:50
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-190 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:a:garmin:connect-iq:*:*:*:*:*:*:*:* | |
First Time |
Garmin connect-iq
Garmin |
|
References | (MISC) https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23298.md - Exploit | |
References | (MISC) https://developer.garmin.com/connect-iq/api-docs/Toybox/Graphics/BufferedBitmap.html#initialize-instance_function - Product | |
References | (MISC) https://developer.garmin.com/connect-iq/compatible-devices/ - Product |
Information
Published : 2023-05-23 20:15
Updated : 2024-11-21 07:45
NVD link : CVE-2023-23298
Mitre link : CVE-2023-23298
CVE.ORG link : CVE-2023-23298
JSON object : View
Products Affected
garmin
- connect-iq
CWE
CWE-190
Integer Overflow or Wraparound