CVE: Common Vulnerabilities and Exposures

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

Expand or collapse notification button

Required CVE Record Information

Description

Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflow in the network server handling the Apple GymKit communication. This can lead to an Apple MFI device not being able to authenticate with the Peleton Bike

CVSS 1 Total

Product Status

Information not provided

Credits

Mark Bereza from McAfee Enterprise ATR

References 1 Total

https://twitter.com/ROPsicle/status/1438216078103044107?s=20
external site

Updated: 2024-08-04

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

https://twitter.com/ROPsicle/status/1438216078103044107?s=20
external site
x_transferred