CVE-2024-6051 | THREATINT

Description

Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK in specific situations allows local code injection and to manipulate the view of a vulnerable application.This issue affects Redlink SDK versions through 1.13.

PUBLISHED Reserved 2024-06-17 | Published 2024-09-30 | Updated 2025-10-03 | Assigner CERT-PL

MEDIUM: 4.3CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:L/U:Clear

Problem types

CWE-926 Improper Export of Android Application Components

Product status

Default status

unaffected

Any version

affected

Credits

Maksymilian Motyl (Immunity Systems) finder

References

cert.pl/en/posts/2024/09/CVE-2024-6051/ third-party-advisory

cert.pl/posts/2024/09/CVE-2024-6051/ third-party-advisory

cve.org (CVE-2024-6051)

nvd.nist.gov (CVE-2024-6051)

Download JSON