CVE-2024-45356

A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=554

Configurations

No configuration.

History

No history.

Information

Published : 2025-03-27 08:15

Updated : 2025-03-27 16:45

NVD link : CVE-2024-45356

Mitre link : CVE-2024-45356

CVE.ORG link : CVE-2024-45356

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

7.3 /10