CVE-2020-14121

Publication date

2022-04-21 17:25:10

Family

Xiaomi

State

PUBLISHED

Description

A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation.