CVE-2024-45356

A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=554

Configurations

No configuration.

History

27 Mar 2025, 16:45

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de acceso no autorizado en el framework de teléfonos Xiaomi. Esta vulnerabilidad se debe a una validación incorrecta y puede ser explotada por atacantes para acceder a métodos confidenciales.

27 Mar 2025, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-27 08:15

Updated : 2025-03-27 16:45

NVD link : CVE-2024-45356

Mitre link : CVE-2024-45356

CVE.ORG link : CVE-2024-45356

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

7.3 /10