CVE-2024-54014

CVSS 3.0 Score 3.6 of 10 (low)

Details

Published Dec 5, 2024
CWE ID 939

Summary

CVE-2024-54014 is a vulnerability affecting the 'Skylark' App on Android version 6.2.13 and earlier, as well as iOS version 6.2.13 and earlier. This issue involves improper authorization within the app's custom URL scheme handler, enabling an attacker to manipulate the application and direct it to access an arbitrary website via another installed application on the user's device. This vulnerability poses a significant risk to user privacy and security. Attackers could potentially exploit this issue to gain unauthorized access to sensitive information or install malware. Users are advised to update their Skylark app to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share