Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-14117

A improper permission configuration vulnerability in Xiaomi Content Center APP. This vulnerability is caused by the lack of correct permission verification in the Xiaomi content center APP, and attackers can use this vulnerability to invoke the sensitive component functions of the Xiaomi content center APP.

Published

2022-04-21T18:15:08.490

Last Modified

2024-11-21T05:02:41.373

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mi	content_center	< 4.4.11	Yes

References

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=143 Vendor Advisory ([email protected])
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=143 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)