CVE-2023-23302
Vulnerability Description
The `Toybox.GenericChannel.setDeviceConfig` API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with specially crafted object and hijack the execution of the device's firmware.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!