CVE-2024-36558

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 6, 2025

Updated: Feb 7, 2025

CWE ID 319

Summary

CVE-2024-36558: This vulnerability affects the Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h device, which transmits sensitive information in cleartext during communication with its server due to a lack of encryption. An attacker in proximity to the device could intercept and read the transmitted data, potentially accessing personal information. Users are advised to secure their devices with encryption or other protective measures to prevent data interception. The vulnerability should be addressed by the device manufacturer with an update or patch.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wMK7L8
https://www.cve.org/CVERecord?id=CVE-2024-36558
https://nvd.nist.gov/vuln/detail/CVE-2024-36558

Back to Vulnerability Database

CVE-2024-36558

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations