CVE-2024-45361: Mi Connect Service APP protocol flaws lead to leaking sensitive user information
First published: Thu Mar 27 2025(Updated: )
A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information.
Credit: security@xiaomi.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xiaomi Mi Connect Service APP |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-45361?
CVE-2024-45361 is considered a high severity vulnerability due to its potential to leak sensitive user information.
How do I fix CVE-2024-45361?
To mitigate CVE-2024-45361, update the Xiaomi Mi Connect Service APP to the latest version provided by the vendor.
What types of information are at risk due to CVE-2024-45361?
CVE-2024-45361 could allow attackers to access sensitive user information stored within the Xiaomi Mi Connect Service APP.
Who is affected by CVE-2024-45361?
Anyone using the Xiaomi Mi Connect Service APP is potentially affected by CVE-2024-45361.
Is there a way to detect if CVE-2024-45361 has been exploited?
Detection of CVE-2024-45361 exploitation can be challenging, but monitoring for unauthorized access or unusual activity may help.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/source
- agent/softwarecombine
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/guess-ai
- agent/software-canonical-lookup
- agent/last-modified-date
- vendor/xiaomi
- canonical/xiaomi mi connect service app