CVE-2020-8994

Published: Mar 5, 2020Modified: Nov 21, 2024

6.8

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get root shell by accessing the UART interface and then they can read Wi-Fi SSID or password, read the dialogue text files between users and XIAOMI AI speaker, use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, eavesdrop on users and record what XIAOMI AI speaker hears, delete the entire XIAOMI AI speaker system, modify system files, stop voice assistant service, start the XIAOMI AI speaker’s SSH service as a backdoor

Affected (2)

Products: Mi: Mdz 25 Dt Firmware

1 product

Mdz 25 Dt Firmware

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Mi Mdz 25 Dt Firmware	Version 1.34.36
Mi Mdz 25 Dt Firmware	Version 1.40.14

Running on/with	Platform Versions
Mi Mdz 25 Dt	All versions

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2020-8994.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.usenix.org/sites/default/files/soups2018posters-lau.pdf

Source: cve@mitre.org

Technical DescriptionThird Party Advisory

https://youtu.be/yCadG38yZW8

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2020-8994.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.usenix.org/sites/default/files/soups2018posters-lau.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Technical DescriptionThird Party Advisory

https://youtu.be/yCadG38yZW8

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.