Unauthorized Access Vulnerability in Xiaomi Phone Framework
CVE-2024-45356

7.3HIGH

Key Information:

Vendor: Xiaomi
Status: Xiaomi Phone Framework Has Unauthorized Access Vulnerability
Vendor: CVE Published:; 27 March 2025

What is CVE-2024-45356?

An unauthorized access vulnerability exists within the Xiaomi phone framework, stemming from inadequate validation processes. This flaw enables malicious attackers to exploit it, gaining access to sensitive methods that could compromise user data and device integrity.

Affected Version(s)

Xiaomi phone framework has unauthorized access vulnerability Xiaomi phone framework 14

References

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2025
Vulnerability Reserved
Aug 28, 2024