Buffer overflow in Mi Miui
CVE-2020-14127
A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by attackers to make remote denial of service.
Vulnerability class: Buffer Overflow
EPSS: 0.009 (55.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Mi Miui
- Mi Redmi_k40
- Mi Redmi_note_10_pro
- N/a Redmi K40 ,Redmi Note10 Pro — versions Redmi K40 MIUI<2022.07.01 ,Redmi Note10 Pro MIUI<2022.07.01
Weakness classification (CWE)
References
- security@xiaomi.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-14127?
- CVE-2020-14127 is a high-severity vulnerability in Mi Miui, classified under Out-of-bounds Write. CVSS score: 7.5/10. Published 2022-07-14.
- How severe is CVE-2020-14127?
- High severity. CVSS v3 base score is 7.5 out of 10.