CVE-2020-14122

Published: Apr 21, 2022Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to forge a specific identity due to the lack of parameter verification, resulting in user information leakage.

Affected (1)

Products: Mi: Miui

1 product

Miui

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mi Miui	Version 12.5.2

Related CWEs

CWE-345

Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

References (2)

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=147

Source: security@xiaomi.com

Vendor Advisory

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=147

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.