CVE-2024-36556

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Feb 6, 2025

Updated: Feb 10, 2025

CWE ID 798

Summary

CVE-2024-36556 refers to a vulnerability affecting the Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWatch Call Me 2 KW60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b devices. The issue lies in the use of hardcoded passwords, which are not changeable and publicly known. An attacker with access to these devices can exploit this vulnerability to gain unauthorized access, potentially compromising user data or privacy. It is crucial that users update their devices to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wMKt1S
https://www.cve.org/CVERecord?id=CVE-2024-36556
https://nvd.nist.gov/vuln/detail/CVE-2024-36556

Back to Vulnerability Database

CVE-2024-36556

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations