var-202003-1400
Vulnerability from variot
An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can pass security detection, the data carried in the parameters are loaded and executed. An attacker can use NFC tools to get close enough to a user's unlocked phone to cause apps to be installed and information to be leaked. This is fixed on version: 2001122. Xiaomi MIUI The device contains a vulnerability related to information leakage.Information may be obtained and tampered with. The issue lies in the ability to send an intent that would not otherwise be permitted. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Xiaomi Mi9 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Xiaomi GetApps webview. By manipulating HTML, an attacker can force a page redirection. An attacker can leverage this vulnerability to execute code in the context of the current process
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "miui",
"scope": "eq",
"trust": 1.0,
"vendor": "mi",
"version": "11.0.5.0.qfaeuxm"
},
{
"_id": null,
"model": "miui",
"scope": "eq",
"trust": 0.8,
"vendor": "xiaomi",
"version": "11.0.5.0.qfaeuxm"
},
{
"_id": null,
"model": "mi6",
"scope": null,
"trust": 0.7,
"vendor": "xiaomi",
"version": null
},
{
"_id": null,
"model": "browser",
"scope": null,
"trust": 0.7,
"vendor": "xiaomi",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-288"
},
{
"db": "ZDI",
"id": "ZDI-20-287"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
},
{
"db": "NVD",
"id": "CVE-2020-9531"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:xiaomi:miui_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
}
]
},
"credits": {
"_id": null,
"data": "@FSecureLabs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-288"
},
{
"db": "ZDI",
"id": "ZDI-20-287"
}
],
"trust": 1.4
},
"cve": "CVE-2020-9531",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CVE-2020-9531",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-002530",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2020-9531",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-002530",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2020-9531",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.1,
"id": "CVE-2020-9531",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "REQUIRED",
"vectorString": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2020-9531",
"trust": 1.4,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-9531",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-002530",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-242",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-288"
},
{
"db": "ZDI",
"id": "ZDI-20-287"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-242"
},
{
"db": "NVD",
"id": "CVE-2020-9531"
}
]
},
"description": {
"_id": null,
"data": "An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can pass security detection, the data carried in the parameters are loaded and executed. An attacker can use NFC tools to get close enough to a user\u0027s unlocked phone to cause apps to be installed and information to be leaked. This is fixed on version: 2001122. Xiaomi MIUI The device contains a vulnerability related to information leakage.Information may be obtained and tampered with. The issue lies in the ability to send an intent that would not otherwise be permitted. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Xiaomi Mi9 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Xiaomi GetApps webview. By manipulating HTML, an attacker can force a page redirection. An attacker can leverage this vulnerability to execute code in the context of the current process",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9531"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
},
{
"db": "ZDI",
"id": "ZDI-20-288"
},
{
"db": "ZDI",
"id": "ZDI-20-287"
}
],
"trust": 2.88
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-9531",
"trust": 3.8
},
{
"db": "ZDI",
"id": "ZDI-20-288",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-20-287",
"trust": 2.3
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002530",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9657",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9656",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202003-242",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-288"
},
{
"db": "ZDI",
"id": "ZDI-20-287"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-242"
},
{
"db": "NVD",
"id": "CVE-2020-9531"
}
]
},
"id": "VAR-202003-1400",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.7
},
"last_update_date": "2024-11-23T22:58:20.086000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Thank you Letter | Thanks to FSecureLabs for supporting Xiaomi Security",
"trust": 0.8,
"url": "https://sec.xiaomi.com/post/180"
},
{
"title": "Xiaomi MIUI Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111632"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-242"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
},
{
"db": "NVD",
"id": "CVE-2020-9531"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-288/"
},
{
"trust": 1.6,
"url": "https://sec.xiaomi.com/post/180"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-287/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9531"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9531"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-242"
},
{
"db": "NVD",
"id": "CVE-2020-9531"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-20-288",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-287",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002530",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202003-242",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-9531",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-03-12T00:00:00",
"db": "ZDI",
"id": "ZDI-20-288",
"ident": null
},
{
"date": "2020-03-12T00:00:00",
"db": "ZDI",
"id": "ZDI-20-287",
"ident": null
},
{
"date": "2020-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002530",
"ident": null
},
{
"date": "2020-03-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-242",
"ident": null
},
{
"date": "2020-03-06T17:15:12.587000",
"db": "NVD",
"id": "CVE-2020-9531",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-03-12T00:00:00",
"db": "ZDI",
"id": "ZDI-20-288",
"ident": null
},
{
"date": "2020-03-12T00:00:00",
"db": "ZDI",
"id": "ZDI-20-287",
"ident": null
},
{
"date": "2020-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002530",
"ident": null
},
{
"date": "2022-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-242",
"ident": null
},
{
"date": "2024-11-21T05:40:49.077000",
"db": "NVD",
"id": "CVE-2020-9531",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-242"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Xiaomi MIUI Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002530"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-242"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.