Intent Redirection Vulnerability in Xiaomi Quick App Framework
CVE-2024-45353

4.3MEDIUM

Key Information:

Vendor
Xiaomi
Status
Quick App Framework
Vendor
CVE Published:
27 March 2025

Summary

An intent redirection vulnerability has been identified in Xiaomi's Quick App Framework. This issue arises from improper input validation, allowing attackers to redirect app intents, potentially leading to unauthorized actions and compromising user security. It is crucial for developers and users to ensure that they are running updated versions and to be aware of best practices in input validation to mitigate such risks.

Affected Version(s)

quick app framework quick app framework 1.30.2.1

References

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId...

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-45353 : Intent Redirection Vulnerability in Xiaomi Quick App Framework | SecurityVulnerability.io