CVE-2024-45347

critical

Description

An unauthorized access vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to Unauthorized access to the victim’s device.

References

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=548

Details

Source: Mitre, NVD

Published: 2025-06-23

Updated: 2025-06-23

Risk Information

CVSS v2

Base Score: 8.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.6

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00025

Detections

Analytics