Vulnerability Description
An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nationaledtech | Boomerang | < 13.83 |
Related Weaknesses (CWE)
References
- https://sec-consult.com/blog/detail/the-hidden-costs-of-parental-control-apps/Third Party Advisory
- https://seclists.org/fulldisclosure/2023/Jul/12Mailing ListThird Party Advisory
- https://useboomerang.com/Product
- https://sec-consult.com/blog/detail/the-hidden-costs-of-parental-control-apps/Third Party Advisory
- https://seclists.org/fulldisclosure/2023/Jul/12Mailing ListThird Party Advisory
- https://useboomerang.com/Product
FAQ
What is CVE-2023-36621?
CVE-2023-36621 is a vulnerability with a CVSS score of 9.1 (CRITICAL). An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without...
How severe is CVE-2023-36621?
CVE-2023-36621 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-36621?
Check the references section above for vendor advisories and patch information. Affected products include: Nationaledtech Boomerang.