Search criteria
6 vulnerabilities found for xiaomi by mi
CVE-2020-14131 (GCVE-0-2020-14131)
Vulnerability from nvd – Published: 2022-10-11 00:00 – Updated: 2024-08-04 12:39
VLAI?
Summary
The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life.
Severity ?
No CVSS data available.
CWE
- a lack of identity verification
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Xiaomi specific devices |
Affected:
Xiaomi specific devices,Affected Version:11,Fixed Version:12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.010Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=153"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Xiaomi specific devices",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Xiaomi specific devices,Affected Version:11,Fixed Version:12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "a lack of identity verification",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=153"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14131",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2020-06-15T00:00:00",
"dateUpdated": "2024-08-04T12:39:36.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14129 (GCVE-0-2020-14129)
Vulnerability from nvd – Published: 2022-10-11 00:00 – Updated: 2024-08-04 12:39
VLAI?
Summary
A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who can obtain a brief elevation of privilege.
Severity ?
No CVSS data available.
CWE
- Vulnerability logic vulnerability
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Xiaomi a certain APP |
Affected:
Affected Version:3.4.5.18 Fixed Version:3.4.5.24
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Xiaomi a certain APP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affected Version:3.4.5.18 Fixed Version:3.4.5.24"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who can obtain a brief elevation of privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Vulnerability logic vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=155"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14129",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2020-06-15T00:00:00",
"dateUpdated": "2024-08-04T12:39:36.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14130 (GCVE-0-2020-14130)
Vulnerability from nvd – Published: 2021-09-16 11:41 – Updated: 2024-08-04 12:39
VLAI?
Summary
Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809
Severity ?
No CVSS data available.
CWE
- Sensitive functions are maliciously invoked
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Xiaomi community app |
Affected:
Xiaomi community app Affected Version <3.0.210809
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:35.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Xiaomi community app",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Xiaomi community app Affected Version \u003c3.0.210809"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version \u003c3.0.210809"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sensitive functions are maliciously invoked",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-16T11:41:50",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@xiaomi.com",
"ID": "CVE-2020-14130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Xiaomi community app",
"version": {
"version_data": [
{
"version_value": "Xiaomi community app Affected Version \u003c3.0.210809"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version \u003c3.0.210809"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sensitive functions are maliciously invoked"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh",
"refsource": "MISC",
"url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14130",
"datePublished": "2021-09-16T11:41:50",
"dateReserved": "2020-06-15T00:00:00",
"dateUpdated": "2024-08-04T12:39:35.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14131 (GCVE-0-2020-14131)
Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2024-08-04 12:39
VLAI?
Summary
The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life.
Severity ?
No CVSS data available.
CWE
- a lack of identity verification
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Xiaomi specific devices |
Affected:
Xiaomi specific devices,Affected Version:11,Fixed Version:12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.010Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=153"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Xiaomi specific devices",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Xiaomi specific devices,Affected Version:11,Fixed Version:12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "a lack of identity verification",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=153"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14131",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2020-06-15T00:00:00",
"dateUpdated": "2024-08-04T12:39:36.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14129 (GCVE-0-2020-14129)
Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2024-08-04 12:39
VLAI?
Summary
A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who can obtain a brief elevation of privilege.
Severity ?
No CVSS data available.
CWE
- Vulnerability logic vulnerability
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Xiaomi a certain APP |
Affected:
Affected Version:3.4.5.18 Fixed Version:3.4.5.24
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Xiaomi a certain APP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affected Version:3.4.5.18 Fixed Version:3.4.5.24"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who can obtain a brief elevation of privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Vulnerability logic vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=155"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14129",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2020-06-15T00:00:00",
"dateUpdated": "2024-08-04T12:39:36.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14130 (GCVE-0-2020-14130)
Vulnerability from cvelistv5 – Published: 2021-09-16 11:41 – Updated: 2024-08-04 12:39
VLAI?
Summary
Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809
Severity ?
No CVSS data available.
CWE
- Sensitive functions are maliciously invoked
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Xiaomi community app |
Affected:
Xiaomi community app Affected Version <3.0.210809
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:35.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Xiaomi community app",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Xiaomi community app Affected Version \u003c3.0.210809"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version \u003c3.0.210809"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sensitive functions are maliciously invoked",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-16T11:41:50",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@xiaomi.com",
"ID": "CVE-2020-14130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Xiaomi community app",
"version": {
"version_data": [
{
"version_value": "Xiaomi community app Affected Version \u003c3.0.210809"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version \u003c3.0.210809"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sensitive functions are maliciously invoked"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh",
"refsource": "MISC",
"url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14130",
"datePublished": "2021-09-16T11:41:50",
"dateReserved": "2020-06-15T00:00:00",
"dateUpdated": "2024-08-04T12:39:35.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}