Unrated severityNVD Advisory· Published May 23, 2023· Updated Jan 31, 2025
CVE-2023-23304
CVE-2023-23304
Description
The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a specially crafted head section to use the Toybox.SensorHistory module without permission. A malicious application could call any functions from the Toybox.SensorHistory module without the user's consent and disclose potentially private or sensitive information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- GarminOS TVM/CIQ APIdescription
- Range: >=2.1.0, <=4.1.7
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.