CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2020-14129

CVSS 9.8v3.1pub. 2022-10-11upd. 2024-11-21

A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who can obtain a brief elevation of privilege.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mi Xiaomi

    APP
    Mi
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2020-14131CRITICAL9.8ten sam produkt

The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcom...

CVE-2020-14130MEDIUM5.3ten sam produkt

Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called ...

CVE-2024-4406CRITICAL9.6PL ✓ten sam vendor

XSS umożliwiający RCE w aplikacji GetApps na Xiaomi 13 Pro

CVE-2024-4405CRITICAL9.6PL ✓ten sam vendor

XSS umożliwiający RCE w Xiaomi 13 Pro — plik manual-upgrade.html

CVE-2020-14115CRITICAL9.8ten sam vendor

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of...