CVE-2024-45347 | THREATINT

Description

An unauthorized access vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to Unauthorized access to the victim’s device.

PUBLISHED Reserved 2024-08-28 | Published 2025-06-23 | Updated 2025-06-23 | Assigner Xiaomi

CRITICAL: 9.6CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-287 Improper Authentication

Product status

Default status

unaffected

Xiaomi Mi Connect Service3.1.895.10

affected

References

trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=548

cve.org (CVE-2024-45347)

nvd.nist.gov (CVE-2024-45347)

Download JSON