CVE-2020-14127

EPSS 0.64%
Published 14.07.2022 15:15:07
Last modified 21.11.2024 05:02:43
Source security@xiaomi.com
Teams watchlist Login
Open Login

A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by attackers to make remote denial of service.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Mi ≫ Miui Version < 2022.07.01

Mi ≫ Redmi K40 Version-
Mi ≫ Redmi Note 10 Pro Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.64%	0.695

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=169

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-14127

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-14127

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-14127

EUVD