Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Game center application by Xiaomi

    CVE-2024-45351 (GCVE-0-2024-45351)

    Vulnerability from nvd – Published: 2025-03-26 13:17 – Updated: 2025-03-26 13:52
    VLAI
    Title
    Game center application has code execution Vulnerability
    Summary
    A code execution vulnerability exists in the Xiaomi Game center application product. The vulnerability is caused by improper input validation and can be exploited by attackers to execute malicious code.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1284 - Improper Validation of Specified Quantity in Input
    Assigner
    Impacted products
    Vendor Product Version
    Xiaomi Game center application Affected: Game center application 13.10
    Create a notification for this product.
    Date Public
    2025-02-21 12:42
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45351",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T13:52:19.885534Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T13:52:37.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Game center application",
              "vendor": "Xiaomi",
              "versions": [
                {
                  "status": "affected",
                  "version": "Game center application 13.10"
                }
              ]
            }
          ],
          "datePublic": "2025-02-21T12:42:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A code execution vulnerability exists in the Xiaomi Game center application product. The vulnerability is caused by  improper input validation and can be exploited by attackers to execute malicious code.   \u003cbr\u003e"
                }
              ],
              "value": "A code execution vulnerability exists in the Xiaomi Game center application product. The vulnerability is caused by  improper input validation and can be exploited by attackers to execute malicious code."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-175",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-175 Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1284",
                  "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T13:17:33.544Z",
            "orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
            "shortName": "Xiaomi"
          },
          "references": [
            {
              "url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=549"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Game center application has code execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
        "assignerShortName": "Xiaomi",
        "cveId": "CVE-2024-45351",
        "datePublished": "2025-03-26T13:17:07.014Z",
        "dateReserved": "2024-08-28T02:24:34.839Z",
        "dateUpdated": "2025-03-26T13:52:37.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-45351 (GCVE-0-2024-45351)

    Vulnerability from cvelistv5 – Published: 2025-03-26 13:17 – Updated: 2025-03-26 13:52
    VLAI
    Title
    Game center application has code execution Vulnerability
    Summary
    A code execution vulnerability exists in the Xiaomi Game center application product. The vulnerability is caused by improper input validation and can be exploited by attackers to execute malicious code.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1284 - Improper Validation of Specified Quantity in Input
    Assigner
    Impacted products
    Vendor Product Version
    Xiaomi Game center application Affected: Game center application 13.10
    Create a notification for this product.
    Date Public
    2025-02-21 12:42
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45351",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-26T13:52:19.885534Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T13:52:37.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Game center application",
              "vendor": "Xiaomi",
              "versions": [
                {
                  "status": "affected",
                  "version": "Game center application 13.10"
                }
              ]
            }
          ],
          "datePublic": "2025-02-21T12:42:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A code execution vulnerability exists in the Xiaomi Game center application product. The vulnerability is caused by  improper input validation and can be exploited by attackers to execute malicious code.   \u003cbr\u003e"
                }
              ],
              "value": "A code execution vulnerability exists in the Xiaomi Game center application product. The vulnerability is caused by  improper input validation and can be exploited by attackers to execute malicious code."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-175",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-175 Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1284",
                  "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-26T13:17:33.544Z",
            "orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
            "shortName": "Xiaomi"
          },
          "references": [
            {
              "url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=549"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Game center application has code execution Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
        "assignerShortName": "Xiaomi",
        "cveId": "CVE-2024-45351",
        "datePublished": "2025-03-26T13:17:07.014Z",
        "dateReserved": "2024-08-28T02:24:34.839Z",
        "dateUpdated": "2025-03-26T13:52:37.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }