Mattel Information for VU#719736

Fisher-Price Smart Toy platform allows some unauthenticated web API commands

Status

Affected

Vendor Statement

We recently learned of a security vulnerability with our Fisher-Price WiFi-connected Smart Toy Bear.  We have remediated the situation and have no reason to believe that customer information was accessed by any unauthorized person.  Mattel and Fisher-Price take the safety of our consumers and their personal data very seriously, which is why we act quickly to resolve potential vulnerabilities like this.

Vendor Information

Fisher-Price is a division of Mattel.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.