Vulnerabilities > CVE-2020-14106 - Incorrect Authorization vulnerability in MI Miui

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

CWE-863

NVD

Published: 2021-04-08

Updated: 2021-04-14

Summary

The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI < 2021.01.26.

Vulnerable Configurations

Part	Description	Count
OS	Mi MI Miui *	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=29&locale=zh