3 matches found
CVE-2020-14129
CVE-2020-14129 concerns a logic vulnerability in a Xiaomi product due to an identity verification failure that enables a brief elevation of privileges. The NVD entry rates it CVSS v3.1 as 9.8 (CRITICAL): attack vector NETWORK, attack complexity LOW, privileges required NONE, user interaction NONE...
CVE-2020-14131
Based on connected documents, CVE-2020-14131 concerns Xiaomi Security Center devices where vulnerability stems from a lack of authentication, enabling an attacker to obtain elevated privileges. The embedded reports describe a privilege escalation path without specifying exact product versions or ...
CVE-2020-14130
CVE-2020-14130 affects Xiaomi Community app versions prior to 3.0.210809. The vulnerability arises from exposure of some JavaScript interfaces, enabling an attacker to maliciously invoke sensitive functions due to an authorization issue. Details across connected sources consistently describe this...