Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for mi_app_store by mi
CVE-2020-14121 (GCVE-0-2020-14121)
Vulnerability from nvd – Published: 2022-04-21 17:25 – Updated: 2024-08-04 12:39
VLAI?
Summary
A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation.
Severity ?
No CVSS data available.
CWE
- Business logic vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Mi App Store |
Affected:
Mi App Store version 4.12.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:35.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=146"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mi App Store",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Mi App Store version 4.12.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Business logic vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T17:25:10.000Z",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=146"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@xiaomi.com",
"ID": "CVE-2020-14121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mi App Store",
"version": {
"version_data": [
{
"version_value": "Mi App Store version 4.12.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Business logic vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=146",
"refsource": "MISC",
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=146"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14121",
"datePublished": "2022-04-21T17:25:10.000Z",
"dateReserved": "2020-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:39:35.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14118 (GCVE-0-2020-14118)
Vulnerability from nvd – Published: 2022-04-21 17:33 – Updated: 2024-08-04 12:39
VLAI?
Summary
An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps.
Severity ?
No CVSS data available.
CWE
- Intent redirection vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Mi App Store |
Affected:
Mi App Store version <4.10.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mi App Store",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Mi App Store version \u003c4.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Intent redirection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T17:33:02.000Z",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@xiaomi.com",
"ID": "CVE-2020-14118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mi App Store",
"version": {
"version_data": [
{
"version_value": "Mi App Store version \u003c4.10.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Intent redirection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144",
"refsource": "MISC",
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14118",
"datePublished": "2022-04-21T17:33:02.000Z",
"dateReserved": "2020-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:39:36.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14118 (GCVE-0-2020-14118)
Vulnerability from cvelistv5 – Published: 2022-04-21 17:33 – Updated: 2024-08-04 12:39
VLAI?
Summary
An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps.
Severity ?
No CVSS data available.
CWE
- Intent redirection vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Mi App Store |
Affected:
Mi App Store version <4.10.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mi App Store",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Mi App Store version \u003c4.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Intent redirection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T17:33:02.000Z",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@xiaomi.com",
"ID": "CVE-2020-14118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mi App Store",
"version": {
"version_data": [
{
"version_value": "Mi App Store version \u003c4.10.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Intent redirection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144",
"refsource": "MISC",
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14118",
"datePublished": "2022-04-21T17:33:02.000Z",
"dateReserved": "2020-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:39:36.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14121 (GCVE-0-2020-14121)
Vulnerability from cvelistv5 – Published: 2022-04-21 17:25 – Updated: 2024-08-04 12:39
VLAI?
Summary
A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation.
Severity ?
No CVSS data available.
CWE
- Business logic vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Mi App Store |
Affected:
Mi App Store version 4.12.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:35.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=146"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mi App Store",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Mi App Store version 4.12.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Business logic vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T17:25:10.000Z",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=146"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@xiaomi.com",
"ID": "CVE-2020-14121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mi App Store",
"version": {
"version_data": [
{
"version_value": "Mi App Store version 4.12.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Business logic vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=146",
"refsource": "MISC",
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=146"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14121",
"datePublished": "2022-04-21T17:25:10.000Z",
"dateReserved": "2020-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:39:35.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}