Occasionally we make security updates to our Fitbit products and services. Depending on where we made the update, you’ll find details about it in one of these articles:
The following table defines the severity ratings used in security updates.
The security update patches a vulnerability that if exploited could allow attacker-supplied code to gain unrestricted access and potentially go undetected by the customer.
We recommend that you apply a critical update immediately.
The security update patches a vulnerability that if exploited could compromise data security, potentially allowing access to confidential or sensitive data but stopping short of full code execution.
We recommend that you apply an important update immediately.
The security update patches a vulnerability that carries less risk than important or critical updates, or one that is significantly mitigated by configuration, warnings, or other factors.
The security update patches a vulnerability that carries minimal risk or one that is comprehensively mitigated by existing measures, is extremely improbable, or is difficult to exploit.