CVE-2020-14117

A improper permission configuration vulnerability in Xiaomi Content Center APP. This vulnerability is caused by the lack of correct permission verification in the Xiaomi content center APP, and attackers can use this vulnerability to invoke the sensitive component functions of the Xiaomi content center APP.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
XiaomiCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
micontent_center
𝑥
< 4.4.11
𝑥
= Vulnerable software versions
References
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=143
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=143