CVE-2018-20523
moderate-risk
Published 2019-06-07
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.
Do I need to act?
EPSS score: 6.1% chance of exploitation in next 30 days (moderate exploit probability)
CISA KEV: Not on CISA KEV list; no confirmed active exploitation reported to CISA
Public exploits: 1 public exploit available
Patch status: unknown; check vendor advisories for fix availability and mitigation guidance
CVSS: 5.3/10 (Medium), NETWORK / LOW complexity
Affected Products (19)
Stock Browser
Redmi 7 Firmware
Redmi Note 7 Firmware
Redmi Note 6 Pro Firmware
Redmi 6 Firmware
Redmi 6A Firmware
Redmi S2 Firmware
Redmi Note 5 Pro Firmware
Redmi K20 Pro Firmware
Redmi K20 Firmware
Redmi 7A Firmware
Redmi Go Firmware
Redmi Note 5 Firmware
Redmi Y3 Firmware
Redmi Note 7S Firmware
Redmi 4A Firmware
Redmi Note 4 Firmware
Redmi 5 Plus Firmware
Redmi Note 5A Prime Firmware
Affected Vendors
References (6)
https://sec.xiaomi.com (Broken Link)
Risk score: 49 / 100 (moderate-risk)
Severity: 21/34 · High
Exploitability: 9/34 · Low
Exposure: 19/34 · Moderate