CVE-2018-20523 : Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi

Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.

Published 2019-06-07 16:29:00

Updated 2022-04-19 15:36:16

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2018-20523

MI » Stock Browser » Version: 10.2.4g
cpe:2.3:a:mi:stock_browser:10.2.4g:*:*:*:*:*:*:*
Matching versions
MI » Redmi 7 Firmware » Version: N/A
cpe:2.3:o:mi:redmi_7_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi 7 » Version: N/A
MI » Redmi Note 7 Firmware » Version: N/A
cpe:2.3:o:mi:redmi_note_7_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Note 7 » Version: N/A
MI » Redmi Note 6 Pro Firmware » Version: N/A
cpe:2.3:o:mi:redmi_note_6_pro_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Note 6 Pro » Version: N/A
MI » Redmi 6 Firmware » Version: N/A
cpe:2.3:o:mi:redmi_6_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi 6 » Version: N/A
MI » Redmi 6a Firmware » Version: N/A
cpe:2.3:o:mi:redmi_6a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi 6a » Version: N/A
MI » Redmi S2 Firmware » Version: N/A
cpe:2.3:o:mi:redmi_s2_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi S2 » Version: N/A
MI » Redmi Note 5 Pro Firmware » Version: N/A
cpe:2.3:o:mi:redmi_note_5_pro_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Note 5 Pro » Version: N/A
MI » Redmi K20 Pro Firmware » Version: N/A
cpe:2.3:o:mi:redmi_k20_pro_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi K20 Pro » Version: N/A
MI » Redmi K20 Firmware » Version: N/A
cpe:2.3:o:mi:redmi_k20_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi K20 » Version: N/A
MI » Redmi 7a Firmware » Version: N/A
cpe:2.3:o:mi:redmi_7a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi 7a » Version: N/A
MI » Redmi Go Firmware » Version: N/A
cpe:2.3:o:mi:redmi_go_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Go » Version: N/A
MI » Redmi Note 5 Firmware » Version: N/A
cpe:2.3:o:mi:redmi_note_5_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Note 5 » Version: N/A
MI » Redmi Y3 Firmware » Version: N/A
cpe:2.3:o:mi:redmi_y3_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Y3 » Version: N/A
MI » Redmi Note 7s Firmware » Version: N/A
cpe:2.3:o:mi:redmi_note_7s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Note 7s » Version: N/A
MI » Redmi 4a Firmware » Version: N/A
cpe:2.3:o:mi:redmi_4a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi 4a » Version: N/A
MI » Redmi Note 4 Firmware » Version: N/A
cpe:2.3:o:mi:redmi_note_4_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Note 4 » Version: N/A
MI » Redmi 5 Plus Firmware » Version: N/A
cpe:2.3:o:mi:redmi_5_plus_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi 5 Plus » Version: N/A
MI » Redmi Note 5a Prime Firmware » Version: N/A
cpe:2.3:o:mi:redmi_note_5a_prime_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: MI » Redmi Note 5a Prime » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2018-20523

EPSS FAQ

14.69%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 94 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-20523

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2018-20523

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-20523

https://sec.xiaomi.com

Xiaomi Security Center
Broken Link;Vendor Advisory

CVEs referencing this url
http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html

Xiaomi 10.2.4.g Information Disclosure ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry
https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser

Content provider injection in Xiaomi stock browser – Vishwaraj Bhattrai
Exploit;Third Party Advisory

Jump to

Vulnerability Details : CVE-2018-20523

Products affected by CVE-2018-20523

Exploit prediction scoring system (EPSS) score for CVE-2018-20523

CVSS scores for CVE-2018-20523

CWE ids for CVE-2018-20523

References for CVE-2018-20523