Intent Redirection Vulnerability in Xiaomi Quick App Framework
CVE-2024-45353

4.3MEDIUM

Key Information:

Vendor: Xiaomi
Status: Quick App Framework
Vendor: CVE Published:; 27 March 2025

What is CVE-2024-45353?

An intent redirection vulnerability has been identified in Xiaomi's Quick App Framework. This issue arises from improper input validation, allowing attackers to redirect app intents, potentially leading to unauthorized actions and compromising user security. It is crucial for developers and users to ensure that they are running updated versions and to be aware of best practices in input validation to mitigate such risks.

Affected Version(s)

quick app framework quick app framework 1.30.2.1

References

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2025
Vulnerability Reserved
Aug 28, 2024