Xiaomi Security Center Welcomes New Security Experts and Teams to Ensure Safe Access for Millions of Users Worldwide
CVE-2024-45346

8.8HIGH

Key Information:

Vendor
Xiaomi
Status
Getapps Application
Vendor
CVE Published:
28 August 2024

Summary

The vulnerability in XiaomiGetApps involves a critical flaw in the application's verification logic, which can be exploited by attackers to run arbitrary code on affected devices. By bypassing the built-in security checks, adversaries can gain unauthorized access, potentially leading to the installation of malicious applications or data theft. This vulnerability emphasizes the importance of robust security measures in application development and timely updates to protect users against emerging threats.

Affected Version(s)

GetApps application GetApps application <= 30.2.7.0

References

https://trust.mi.com/misrc/bulletins/advisory?cveId=545

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-45346 : Xiaomi Security Center Welcomes New Security Experts and Teams to Ensure Safe Access for Millions of Users Worldwide | SecurityVulnerability.io