CVE-2024-36555

Name of the Vulnerable Software and Affected Versions: Forever KidsWatch Call Me KW50 R36 YDR A3PW GM7S V1.0 2019 07 15 16.19.24 cob h Forever KidsWatch Call Me 2 KW-60 R36CW YDE S4 A29 2 V1.0 2023.05.24 22.49.44 cob b

Description: The built-in SMS configuration command in the affected devices allows malicious users to change the device's IMEI number, enabling them to forge the device's identity.

Recommendations: For Forever KidsWatch Call Me KW50 R36 YDR A3PW GM7S V1.0 2019 07 15 16.19.24 cob h, consider disabling the SMS configuration command until a patch is available. For Forever KidsWatch Call Me 2 KW-60 R36CW YDE S4 A29 2 V1.0 2023.05.24 22.49.44 cob b, restrict access to the built-in SMS configuration command to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.