CVE-2023-40530

Summary

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user's device.

Affected Software

VendorProductVersion RangeStatus
SKYLARK HOLDINGS CO., LTD.‘Skylark’ App for Android6.2.13 and earlieraffected
SKYLARK HOLDINGS CO., LTD.‘Skylark’ App for iOS6.2.13 and earlieraffected

Weaknesses

  • Improper authorization in handler for custom URL scheme

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References