CVE-2024-45355

Summary

A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods.

Affected Software

VendorProductVersion RangeStatus
XiaomiXiaomi phone frameworkXiaomi phone framework 14affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References