Lucene search
K

8 matches found

CVE
CVE
added 2022/06/08 2:14 p.m.72 views

CVE-2020-14125

CVE-2020-14125 affects Xiaomi smartphones with MediaTek-based Trust Execution Environment (TEE) handling mobile payments (Tencent Soter). Root cause: an out-of-bounds read/write in the soter trusted app, enabling denial-of-service; chained downgrade could allow exploitation by replacing a newer t...

7.5CVSS7.3AI score0.06935EPSS
CVE
CVE
added 2021/04/08 8:57 p.m.71 views

CVE-2020-14106

CVE-2020-14106 affects Xiaomi MIUI before 2021-01-26. The vulnerability allows an application on the device to unauthorizedly access the list of running processes , resulting in information disclosure. The provided documents do not specify the root cause, exploit details, affected components beyo...

5.5CVSS5.4AI score0.00663EPSS
CVE
CVE
added 2021/04/08 8:23 p.m.67 views

CVE-2020-14103

The CVE-2020-14103 entry concerns Xiaomi MIUI OS (pre-2020.01.15) where an application on mobile devices can read the device SNO information, constituting an information-disclosure flaw. Connected sources (NVD and Red Hat/NVD mirroring, CNNVD/CVE records) confirm affected product family (Xiaomi M...

5.5CVSS5.2AI score0.00699EPSS
CVE
CVE
added 2022/04/21 5:30 p.m.62 views

CVE-2020-14120

CVE-2020-14120 affects Xiaomi MIUI: a vulnerability in a Xiaomi app caused by missing checksum when third‑party apps pass parameters, enabling attacker‑driven installation of a malicious app that could gain elevated privileges and disrupt normal system services. No specific exploit details or pat...

8.8CVSS8.5AI score0.00387EPSS
CVE
CVE
added 2022/04/22 3:17 p.m.58 views

CVE-2020-14123

CVE-2020-14123 affects Xiaomi MIUI (notably MIUI 12.5.2) where a pointer is copied to two function modules and can be repeatedly released, causing a crash and, if exploited, elevation of privileges. Root cause: double free pointer handling in MIUI Services. Impact: potential privilege escalation ...

7.5CVSS7.5AI score0.00868EPSS
CVE
CVE
added 2022/07/14 2:46 p.m.56 views

CVE-2020-14127

CVE-2020-14127 affects Xiaomi devices (e.g., Redmi K40, Redmi Note 10 Pro) running MIUI prior to 2022-07-01. The vulnerability arises from a heap overflow in the affected software, allowing an attacker to trigger remote denial-of-service. No exploit details are provided in the sources; remediatio...

7.5CVSS7.5AI score0.009EPSS
CVE
CVE
added 2022/04/21 5:27 p.m.54 views

CVE-2020-14122

CVE-2020-14122 corresponds to a Xiaomi MIUI information leakage issue where the lack of parameter verification may allow forging a specific identity, causing user information leakage on affected Xiaomi devices. Several connected sources (NVD entry, Red Hat security note, CNVD, CNNVD, and related ...

5.5CVSS5.3AI score0.0015EPSS
CVE
CVE
added 2021/04/20 3:49 p.m.51 views

CVE-2020-14105

CVE-2020-14105 describes an information-disclosure vulnerability in Xiaomi 10 devices running MIUI prior to 2020-01-15, where an application can read the device SNO information. The issue is documented across multiple sources (CNVD, CVE lists, Red Hat advisory) noting Xiaomi 10 MIUI

5.5CVSS5.2AI score0.00255EPSS