Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2020-9531
HistoryMar 06, 2020 - 4:49 p.m.

CVE-2020-9531

2020-03-0616:49:42
mitre
www.cve.org
3

AI Score

6.9

Confidence

High

EPSS

0.003

Percentile

70.0%

JSON

An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can pass security detection, the data carried in the parameters are loaded and executed. An attacker can use NFC tools to get close enough to a user’s unlocked phone to cause apps to be installed and information to be leaked. This is fixed on version: 2001122.

Related

zdi 2
nvd 1
prion 1
cve 1
zdi
zdi
(Pwn2Own) Xiaomi GetApps Intent Privilege Escalation Vulnerability
2020-03-12 00:00:00
(Pwn2Own) Xiaomi Mi9 Browser Untrusted Site Redirection Remote Code Execution Vulnerability
2020-03-12 00:00:00
nvd
nvd
CVE-2020-9531
2020-03-06 17:15:12
prion
prion
Design/Logic Flaw
2020-03-06 17:15:00
cve
cve
CVE-2020-9531
2020-03-06 17:15:12

AI Score

6.9

Confidence

High

EPSS

0.003

Percentile

70.0%

JSON
Related for CVELIST:CVE-2020-9531
zdi2nvd1prion1cve1