CVE-2026-9220 - Setracker2 Children's Smartwatch Ecosystem Use of hard-coded cryptographic key
CVE ID :CVE-2026-9220
Published : June 25, 2026, 11:13 p.m. | 1 hour, 28 minutes ago
Description :Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : June 25, 2026, 11:13 p.m. | 1 hour, 28 minutes ago
Description :Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...