CVE-2020-14118
MEDIUMMi App Store < 4.10.0 - Intent Redirection to Untrusted App Installation
Title source: llmDescription
An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=144
Scores
CVSS v3
6.1
EPSS
0.0053
EPSS Percentile
40.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-601
Status
published
Products (1)
mi/mi_app_store
< 4.10.0
Published
Apr 21, 2022
Tracked Since
Feb 18, 2026