CVE-2024-6051 is a vulnerability classified under CWE-926 (Improper Export of Android Application Components) affecting the Vercom S.A. Redlink SDK up to version 1.13. This SDK is used by Android applications to integrate certain functionalities provided by Vercom S.A. The vulnerability manifests as a Cross Application Scripting (XAS) issue, which in this context allows local code injection and manipulation of the user interface of applications embedding the vulnerable SDK. Specifically, due to improper exportation of application components, malicious local applications or processes with sufficient privileges can inject code or alter the view of the host application, potentially misleading users or interfering with application logic. The CVSS 4.0 base score is 4.3, indicating a medium severity level. The attack vector is local (AV:L), requiring high attack complexity (AC:H), privileged access (PR:H), and user interaction (UI:A). The vulnerability does not affect confidentiality but impacts integrity and availability to a limited extent. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability is particularly relevant for applications using Redlink SDK on Android devices where multiple apps coexist, and privilege escalation or local code injection is feasible. This flaw could be exploited by malicious apps installed on the same device or by attackers with local access, potentially leading to UI manipulation or unauthorized actions within the vulnerable app.

For European organizations, the impact of CVE-2024-6051 depends largely on their use of Android applications incorporating the Redlink SDK. Organizations in sectors such as finance, telecommunications, or e-commerce that rely on mobile apps embedding this SDK could face risks of local privilege escalation or UI manipulation attacks. This could lead to fraudulent transactions, phishing via UI spoofing, or unauthorized operations within the app. Although the vulnerability requires local privileged access and user interaction, it could be exploited in environments where devices are shared, or where malicious apps can be installed, such as corporate BYOD scenarios. The integrity of application data and user trust could be compromised, potentially leading to reputational damage and regulatory scrutiny under GDPR if personal data is indirectly affected. However, the lack of remote exploitability and the requirement for high privileges limit the scope of impact, making widespread remote attacks unlikely.

To mitigate CVE-2024-6051, European organizations should: 1) Audit their mobile applications to identify usage of the Redlink SDK and verify the version in use. 2) Coordinate with Vercom S.A. for timely updates or patches once available; in the meantime, consider disabling or restricting SDK components that expose exported activities or services unnecessarily. 3) Implement strict application sandboxing and privilege management on Android devices to prevent unauthorized local apps from gaining elevated privileges. 4) Employ mobile device management (MDM) solutions to control app installations and monitor for suspicious local applications. 5) Educate users about the risks of installing untrusted apps and the importance of avoiding granting excessive permissions. 6) Conduct penetration testing focusing on local privilege escalation and UI manipulation vectors to detect potential exploitation paths. 7) Monitor application logs and user reports for anomalies that could indicate exploitation attempts.