CVE-2020-14118

EUVD-2020-6277
An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
mimi_app_store
𝑥
< 4.10.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144