CVE-2023-26324: GetApps application has code execution vulnerability
First published: Wed Aug 28 2024(Updated: )
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
Credit: security@xiaomi.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mi Getapps | <30.6.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-26324?
CVE-2023-26324 is a high-severity code execution vulnerability in the XiaomiGetApps application.
How do I fix CVE-2023-26324?
To fix CVE-2023-26324, update the XiaomiGetApps application to version 30.6.0.2 or higher.
What causes the CVE-2023-26324 vulnerability?
The vulnerability CVE-2023-26324 is caused by a bypass in the verification logic of the XiaomiGetApps application.
Who is affected by CVE-2023-26324?
Users of the XiaomiGetApps application versions below 30.6.0.2 are affected by CVE-2023-26324.
What can an attacker do with CVE-2023-26324?
An attacker can exploit CVE-2023-26324 to execute malicious code on the affected devices.
- agent/title
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/weakness
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- agent/source
- vendor/mi
- canonical/mi getapps