Jan Wã¼Therich

Name of the Vulnerable Software and Affected Versions: COROS PACE 3 versions 3.0808.0 and earlier Description: The issue is caused by a NULL pointer dereference vulnerability. Sending a crafted BLE message can force the device to reboot. Recommendations: For COROS PACE 3 versions 3.0808.0 and earlier, as a temporary workaround, consider restricting the reception of BLE messages from untrusted sources until a patch is available.

Name of the Vulnerable Software and Affected Versions: COROS PACE 3 versions through 3.0808.0 Description: An out-of-bounds read vulnerability exists in COROS PACE 3. Sending a crafted Bluetooth Low Energy (BLE) message forces the device to reboot. Recommendations: Update COROS PACE 3 to a version beyond 3.0808.0.