Description
Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK in specific situations allows local code injection and to manipulate the view of a vulnerable application.This issue affects Redlink SDK versions through 1.13.
References (2)
Core 2
Core References
Various Sources third-party-advisory
https://cert.pl/en/posts/2024/09/CVE-2024-6051/
Various Sources third-party-advisory
https://cert.pl/posts/2024/09/CVE-2024-6051/
Scores
CVSS v4
4.3
EPSS
0.0016
EPSS Percentile
5.7%
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:L/U:Clear
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-926
Status
published
Products (1)
Vercom S.A./Redlink SDK
< 1.13
Published
Sep 30, 2024
Tracked Since
Feb 18, 2026