CVE-2024-45361 | THREATINT

Description

A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information.

Reserved 2024-08-28 | Published 2025-03-27 | Updated 2025-03-27 | Assigner Xiaomi

MEDIUM: 6.5CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-319 Cleartext Transmission of Sensitive Information

Product status

Default status

unaffected

Xiaomi Mi Connect Service 3.1.895.10

affected

References

trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=558

cve.org (CVE-2024-45361)

nvd.nist.gov (CVE-2024-45361)

Download JSON