PT-2022-8554 · Xiaomi · Xiaomi

Published

2022-04-21

Updated

2022-05-03

CVE-2020-14120

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Xiaomi models (affected versions not specified)

Description The issue is caused by the lack of checksum when using a third-party application to pass in parameters. Attackers can induce users to install a malicious app and use this issue to achieve elevated privileges, affecting the normal services of the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-354

Related Identifiers

CVE-2020-14120

Affected Products

Xiaomi

PT-2022-8554 · Xiaomi · Xiaomi

CVE-2020-14120

Weakness Enumeration

Related Identifiers

Affected Products

References · 4