PT-2023-25637 · Unknown · Boomerang Parental Control

Bernhard Gründling

Published

2023-11-02

Updated

2023-11-09

CVE-2023-36621

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Boomerang Parental Control versions through 13.83 for Android

Description An issue was discovered in the Boomerang Parental Control application, allowing a child to use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing.

Recommendations For versions through 13.83, consider disabling the Safe Mode feature temporarily until a patch is available to prevent the child from removing restrictions or uninstalling the application. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2023-36621

Affected Products

Boomerang Parental Control

PT-2023-25637 · Unknown · Boomerang Parental Control

CVE-2023-36621

Weakness Enumeration

Related Identifiers

Affected Products

References · 8