CNNVD-202506-2955 Information

CNNVD ID

CNNVD-202506-2955

Related CVE

CVE-2024-45347

• CNNVD Published: 2025-06-23

Description (Chinese)

Xiaomi Mi Connect Service APP是中国小米（Xiaomi）公司的一个用于实现小米设备之间连接和交互的应用程序，它可以帮助用户快速连接和管理各种小米智能设备，实现设备之间的数据传输和协同工作。 Xiaomi Mi Connect Service APP存在授权问题漏洞，该漏洞源于验证逻辑缺陷，可能导致未授权访问设备。

Description (English)

Xiaomi Mi Connect Service APP is an application of the Chinese company Xiaomi to connect and interact with millet equipment, which can help users quickly connect and manage various millet smart devices, and achieve data transfer and teamwork between them. There is a mandate gap in Xiaomi Mi Contact Service APP, which stems from a certification logic flaw that may lead to unauthorized access to equipment.

Hazard Level

Low

Vulnerability Type

授权问题

Affected Vendor

小米

Published

2025-06-23

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2024-45347

Patch

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=548