CVE-2024-6051 MEDIUM

CVE-2024-6051: Cross Application Scripting in Redlink SDK

Vendor Vercom S.a.
Product Redlink SDK
Weakness CWE-926
Published September 30, 2024
Last update October 3, 2025

CVSS base score

4.3/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:L/U:Clear

What the vulnerability does

01Description

Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK in specific situations allows local code injection and to manipulate the view of a vulnerable application.This issue affects Redlink SDK versions through 1.13.

Key dates

02Disclosure timeline

September 30, 2024 CVE published
October 3, 2025 Record updated