PT-2021-22921 · Apple+1 · Gymkit+2
Mark Bereza · Published 2021-10-25 · Updated 2021-10-28
CVE-2021-40526 · CVSS v3.1 5.3 (Medium)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Peleton TTR01 up to and including PTV55G
Description
The issue stems from an incorrect calculation of buffer size in the GymKit daemon process. A remote attacker can exploit the resulting heap overflow in the network server that handles Apple GymKit communication to trigger a denial of service, which can prevent an Apple MFi device from authenticating with the Peleton Bike.
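The bug class the description names, as an added illustration that is not Peleton's or Apple's code (the frame layout, the constants and the function names are assumptions for the example): a length-prefixed frame handler that sizes its heap buffer from the header's length field but also copies the header, beside a hardened version that caps and checks the length before allocating.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical frame layout for illustration (not the GymKit protocol):
 * a 2-byte big-endian length field followed by that many payload bytes. */
#define HDR_LEN 2
#define MAX_PAYLOAD 512  /* assumed protocol maximum per frame */

static size_t rd16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }

/* Vulnerable pattern: the heap buffer is sized from the length field alone,
 * but the copy also includes the header, so HDR_LEN bytes are written past
 * the end of the allocation. A remote peer controls payload_len, so it
 * controls how the daemon's heap is corrupted; at minimum the process
 * crashes and stops serving other clients. Shown for contrast, never called. */
int handle_frame_vuln(const uint8_t *in, size_t in_len) {
    if (in_len < HDR_LEN) return -1;
    size_t payload_len = rd16(in);
    if (in_len < HDR_LEN + payload_len) return -1;
    uint8_t *buf = malloc(payload_len);       /* undersized by HDR_LEN */
    if (buf == NULL) return -1;
    memcpy(buf, in, HDR_LEN + payload_len);   /* heap overflow */
    free(buf);
    return 0;
}

/* Hardened version: cap the attacker-controlled length, compute the total
 * size once in size_t, check it against the bytes actually received, and
 * allocate exactly what is copied. Malformed frames return -1 so the caller
 * can drop the connection instead of crashing the daemon. On success the
 * whole frame (header + payload) is returned in *out with its length. */
int handle_frame_safe(const uint8_t *in, size_t in_len, uint8_t **out) {
    if (in == NULL || out == NULL || in_len < HDR_LEN) return -1;
    size_t payload_len = rd16(in);
    if (payload_len > MAX_PAYLOAD) return -1;   /* reject oversized claims */
    size_t total = HDR_LEN + payload_len;       /* no narrowing arithmetic */
    if (total > in_len) return -1;              /* length exceeds received data */
    uint8_t *buf = malloc(total);
    if (buf == NULL) return -1;
    memcpy(buf, in, total);                     /* alloc size == bytes written */
    *out = buf;
    return (int)total;
}
```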
Recommendations
For Peleton TTR01 up to and including PTV55G, as a temporary workaround, consider disabling the GymKit daemon process until a patch is available, and restrict network access to the server handling Apple GymKit communication to reduce exposure to exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
GymKit
MFi
Peleton TTR01