8 matches found
CVE-2020-14125
CVE-2020-14125 affects Xiaomi smartphones with MediaTek-based Trust Execution Environment (TEE) handling mobile payments (Tencent Soter). Root cause: an out-of-bounds read/write in the soter trusted app, enabling denial-of-service; chained downgrade could allow exploitation by replacing a newer t...
CVE-2020-14106
CVE-2020-14106 affects Xiaomi MIUI before 2021-01-26. The vulnerability allows an application on the device to unauthorizedly access the list of running processes , resulting in information disclosure. The provided documents do not specify the root cause, exploit details, affected components beyo...
CVE-2020-14103
The CVE-2020-14103 entry concerns Xiaomi MIUI OS (pre-2020.01.15) where an application on mobile devices can read the device SNO information, constituting an information-disclosure flaw. Connected sources (NVD and Red Hat/NVD mirroring, CNNVD/CVE records) confirm affected product family (Xiaomi M...
CVE-2020-14120
CVE-2020-14120 affects Xiaomi MIUI: a vulnerability in a Xiaomi app caused by missing checksum when third‑party apps pass parameters, enabling attacker‑driven installation of a malicious app that could gain elevated privileges and disrupt normal system services. No specific exploit details or pat...
CVE-2020-14123
CVE-2020-14123 affects Xiaomi MIUI (notably MIUI 12.5.2) where a pointer is copied to two function modules and can be repeatedly released, causing a crash and, if exploited, elevation of privileges. Root cause: double free pointer handling in MIUI Services. Impact: potential privilege escalation ...
CVE-2020-14127
CVE-2020-14127 affects Xiaomi devices (e.g., Redmi K40, Redmi Note 10 Pro) running MIUI prior to 2022-07-01. The vulnerability arises from a heap overflow in the affected software, allowing an attacker to trigger remote denial-of-service. No exploit details are provided in the sources; remediatio...
CVE-2020-14122
CVE-2020-14122 corresponds to a Xiaomi MIUI information leakage issue where the lack of parameter verification may allow forging a specific identity, causing user information leakage on affected Xiaomi devices. Several connected sources (NVD entry, Red Hat security note, CNVD, CNNVD, and related ...
CVE-2020-14105
CVE-2020-14105 describes an information-disclosure vulnerability in Xiaomi 10 devices running MIUI prior to 2020-01-15, where an application can read the device SNO information. The issue is documented across multiple sources (CNVD, CVE lists, Red Hat advisory) noting Xiaomi 10 MIUI