Sign-up

ID

VAR-202003-1400


CVE

CVE-2020-9531


TITLE

Xiaomi MIUI Information leakage vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2020-002530

DESCRIPTION

An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can pass security detection, the data carried in the parameters are loaded and executed. An attacker can use NFC tools to get close enough to a user's unlocked phone to cause apps to be installed and information to be leaked. This is fixed on version: 2001122. Xiaomi MIUI The device contains a vulnerability related to information leakage.Information may be obtained and tampered with. The issue lies in the ability to send an intent that would not otherwise be permitted. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Xiaomi Mi9 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Xiaomi GetApps webview. By manipulating HTML, an attacker can force a page redirection. An attacker can leverage this vulnerability to execute code in the context of the current process

Trust: 2.88

sources: NVD: CVE-2020-9531 // JVNDB: JVNDB-2020-002530 // ZDI: ZDI-20-288 // ZDI: ZDI-20-287

AFFECTED PRODUCTS

vendor:mimodel:miuiscope:eqversion:11.0.5.0.qfaeuxm

Trust: 1.0

vendor:xiaomimodel:miuiscope:eqversion:11.0.5.0.qfaeuxm

Trust: 0.8

vendor:xiaomimodel:mi6scope: - version: -

Trust: 0.7

vendor:xiaomimodel:browserscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-20-288 // ZDI: ZDI-20-287 // JVNDB: JVNDB-2020-002530 // NVD: CVE-2020-9531

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2020-9531
value: MEDIUM

Trust: 1.4

nvd@nist.gov: CVE-2020-9531
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-002530
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202003-242
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-9531
severity: MEDIUM
baseScore: 4.3
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002530
severity: MEDIUM
baseScore: 4.3
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:N
accessVector: ADJACENT NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

nvd@nist.gov: CVE-2020-9531
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.1
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-002530
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-9531
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 1.8
impactScore: 3.4
version: 3.0

Trust: 0.7

ZDI: CVE-2020-9531
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.1
impactScore: 3.4
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-288 // ZDI: ZDI-20-287 // JVNDB: JVNDB-2020-002530 // CNNVD: CNNVD-202003-242 // NVD: CVE-2020-9531

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-200

Trust: 0.8

sources: JVNDB: JVNDB-2020-002530 // NVD: CVE-2020-9531

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202003-242

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202003-242

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-002530

PATCH
title:Thank you Letter | Thanks to FSecureLabs for supporting Xiaomi Securityurl:https://sec.xiaomi.com/post/180
Trust: 0.8
title:Xiaomi MIUI Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111632
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-002530 // 
            
            
            
            CNNVD: CNNVD-202003-242

EXTERNAL IDS
db:NVDid:CVE-2020-9531
Trust: 3.8
db:ZDIid:ZDI-20-288
Trust: 2.3
db:ZDIid:ZDI-20-287
Trust: 2.3
db:JVNDBid:JVNDB-2020-002530
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-9657
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-9656
Trust: 0.7
db:CNNVDid:CNNVD-202003-242
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-288 // 
            
            
            
            ZDI: ZDI-20-287 // 
            
            
            
            JVNDB: JVNDB-2020-002530 // 
            
            
            
            CNNVD: CNNVD-202003-242 // 
            
            
            
            NVD: CVE-2020-9531

REFERENCES
url:https://www.zerodayinitiative.com/advisories/zdi-20-288/
Trust: 2.2
url:https://sec.xiaomi.com/post/180
Trust: 1.6
url:https://www.zerodayinitiative.com/advisories/zdi-20-287/
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2020-9531
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9531
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-002530 // 
            
            
            
            CNNVD: CNNVD-202003-242 // 
            
            
            
            NVD: CVE-2020-9531

CREDITS
@FSecureLabs
Trust: 1.4
sources:
            
            
            ZDI: ZDI-20-288 // 
            
            
            
            ZDI: ZDI-20-287

SOURCES
db:ZDIid:ZDI-20-288
db:ZDIid:ZDI-20-287
db:JVNDBid:JVNDB-2020-002530
db:CNNVDid:CNNVD-202003-242
db:NVDid:CVE-2020-9531

LAST UPDATE DATE
2024-11-23T22:58:20.086000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-288date:2020-03-12T00:00:00
db:ZDIid:ZDI-20-287date:2020-03-12T00:00:00
db:JVNDBid:JVNDB-2020-002530date:2020-03-18T00:00:00
db:CNNVDid:CNNVD-202003-242date:2022-01-04T00:00:00
db:NVDid:CVE-2020-9531date:2024-11-21T05:40:49.077

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-288date:2020-03-12T00:00:00
db:ZDIid:ZDI-20-287date:2020-03-12T00:00:00
db:JVNDBid:JVNDB-2020-002530date:2020-03-18T00:00:00
db:CNNVDid:CNNVD-202003-242date:2020-03-06T00:00:00
db:NVDid:CVE-2020-9531date:2020-03-06T17:15:12.587