XiaomiGetApps Code Execution Vulnerability

CVE-2023-26324

9.8CRITICAL

Key Information

Vendor: Xiaomi
Status: Getapps Application
Vendor: CVE Published:; 28 August 2024

Summary

A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.

Affected Version(s)

GetApps application <= 30.6.0.2

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 28, 2024
Vulnerability Reserved.
Feb 22, 2023

Collectors

NVD DatabaseMitre Database