CVE-2020-14121

Summary

A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation.

Affected Software

VendorProductVersion RangeStatus
n/aMi App StoreMi App Store version 4.12.2affected

Weaknesses

  • Business logic vulnerability

ADP Enrichment

CVE Program Container

Additional References

References