CVE-2020-14114

Published: Jul 22, 2022Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

Affected (1)

Products: Mi: Smarthome

1 product

Smarthome

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mi Smarthome	Up to 6.4.701

References (2)

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277

Source: security@xiaomi.com

Vendor Advisory

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.