CVE-2020-14114

high

Description

information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

References

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277

Details

Source: Mitre, NVD

Published: 2022-07-22

Updated: 2022-07-28

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High