writeups.xyz / Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine

Submitter : c2a

Date: 21 April 2023

Bounty : undisclosed

Vulnerabilities :

• IoT
• Memory Corruption
• Buffer Overflow
• Integer Overflow
• Out-of-Bounds Read
• Out-of-Bounds Write
• Type Confusion
• Permission Bypass
• Reverse Engineering

Programs :

• Garmin

Authors :

• Tao Sauvage

Link :
https://www.anvilsecure.com/blog/compromising-garmins-sport-watches-a-deep-dive-into-garminos-and-its-monkeyc-virtual-machine.html