CVE-2020-14114
First published: Fri Jul 22 2022(Updated: )
information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.
Credit: security@xiaomi.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| mi SmartHome | <=6.4.701 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this information leakage vulnerability in Xiaomi SmartHome APP?
The vulnerability ID is CVE-2020-14114.
What is the cause of this information leakage vulnerability?
The vulnerability is caused by illegal calls of some sensitive JS interfaces.
How can this vulnerability be exploited?
Attackers can exploit this vulnerability to leak sensitive information.
What is the affected software version?
The affected software version is mi SmartHome 6.4.701.
What is the severity rating of this vulnerability?
The severity of this vulnerability is high with a CVSS score of 7.5.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/mi
- canonical/mi smarthome
- version/mi smarthome/6.4.701