PT-2024-31576 · Xiaomi · Xiaomigetapps

Published

2024-08-27

Updated

2025-03-27

CVE-2024-45346

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions XiaomiGetApps (affected versions not specified)

Description A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code. The issue affects millions of Xiaomi users worldwide.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287CWE-94

Related Identifiers

CVE-2024-45346

Affected Products

Xiaomigetapps

PT-2024-31576 · Xiaomi · Xiaomigetapps

CVE-2024-45346

Weakness Enumeration

Related Identifiers

Affected Products

References · 13