CVE-2024-45355

A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=553

Configurations

No configuration.

History

27 Mar 2025, 16:45

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de acceso no autorizado en el framework de teléfonos Xiaomi. Esta vulnerabilidad se debe a una validación incorrecta y puede ser explotada por atacantes para acceder a métodos confidenciales.

27 Mar 2025, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-27 07:15

Updated : 2025-03-27 16:45

NVD link : CVE-2024-45355

Mitre link : CVE-2024-45355

CVE.ORG link : CVE-2024-45355

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

5.5 /10