CVE-2024-54014

Summary

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead the application to access an arbitrary web site via another application installed on the user's device.

Affected Software

VendorProductVersion RangeStatus
SKYLARK HOLDINGS CO., LTD.‘Skylark’ App for Android6.2.13 and earlieraffected
SKYLARK HOLDINGS CO., LTD.‘Skylark’ App for iOS6.2.13 and earlieraffected

Weaknesses

  • CWE-939: Improper authorization in handler for custom URL scheme

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References