Anvil

2 exploits Active since May 2023
CVE-2023-23305 WRITEUP CRITICAL WORKING POC
Garmin ConnectIQ 1.0.0-4.1.7 - Buffer Overflow in GarminOS TVM Component
The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. A malicious application embedding specially crafted resources could hijack the execution of the device's firmware.
CVSS 9.8
CVE-2023-23301 WRITEUP CRITICAL WRITEUP
Garmin Connect IQ 1.0.0-4.1.7 - Out-of-bounds Read via MonkeyC News Operation
The `news` MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that string resources are not extending past the end of the expected sections. A malicious CIQ application could craft a string that starts near the end of a section, and whose length extends past its end. Upon loading the string, the GarminOS TVM component may read out-of-bounds memory.
CVSS 9.8