2 matches found
CVE-2020-10263
CVE-2020-10263 affects Xiaomi Xiao AI Speaker Pro LX06 with firmware 1.52.4. Multiple sources describe a local UART-accessible remote-root capability, enabling an attacker to: read Wi‑Fi SSID/password, access user dialogues, abuse TTS voice to spoof, eavesdrop, modify system files, issue IR codes...
CVE-2020-10263 - Smart Speaker Root Shell via internal UART
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can i read Wi-Fi SSID or password, ii read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, iii use Text-To-Speech tools pretend...