Sign-up

ID

VAR-202004-0390


CVE

CVE-2020-10263


TITLE

XIAOMI XIAOAI speaker Pro LX06 Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-003880

DESCRIPTION

An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, (iii) use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, (iv) eavesdrop on users and record what XIAOMI XIAOAI speaker Pro LX06 hears, (v) modify system files, (vi) use commands to send any IR code through IR emitter on XIAOMI XIAOAI Speaker Pro LX06, (vii) stop voice assistant service, (viii) enable the XIAOMI XIAOAI Speaker Pro’ SSH or TELNET service as a backdoor, (IX) tamper with the router configuration of the router in the local area networks. XIAOMI XIAOAI speaker Pro LX06 There is an input verification vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Xiaomi Xiao AI Speaker Pro LX06 is a smart speaker of China Xiaomi Technology (Xiaomi)

Trust: 2.16

sources: NVD: CVE-2020-10263 // JVNDB: JVNDB-2020-003880 // CNVD: CNVD-2020-27286

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

category:['wearable device']sub_category:smart speaker

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2020-27286

AFFECTED PRODUCTS

vendor:mimodel:xiaomi xiaoai speaker pro lx06scope:eqversion:1.52.4

Trust: 1.0

vendor:xiaomimodel:xiaoai speaker pro lx06scope:eqversion:1.52.4

Trust: 0.8

vendor:xiaomimodel:xiao ai speaker pro lx06scope:eqversion:1.52.4

Trust: 0.6

sources: CNVD: CNVD-2020-27286 // JVNDB: JVNDB-2020-003880 // NVD: CVE-2020-10263

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-10263
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-003880
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-27286
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202004-484
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2020-10263
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-003880
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-27286
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-10263
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-003880
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-27286 // JVNDB: JVNDB-2020-003880 // CNNVD: CNNVD-202004-484 // NVD: CVE-2020-10263

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.0

problemtype:CWE-20

Trust: 0.8

sources: JVNDB: JVNDB-2020-003880 // NVD: CVE-2020-10263

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202004-484

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-003880

PATCH
title:Xiaomi Security Centerurl:https://sec.xiaomi.com
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-003880

EXTERNAL IDS
db:NVDid:CVE-2020-10263
Trust: 3.1
db:JVNDBid:JVNDB-2020-003880
Trust: 0.8
db:CNVDid:CNVD-2020-27286
Trust: 0.6
db:CNNVDid:CNNVD-202004-484
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2020-27286 // 
            
            
            
            JVNDB: JVNDB-2020-003880 // 
            
            
            
            CNNVD: CNNVD-202004-484 // 
            
            
            
            NVD: CVE-2020-10263

REFERENCES
url:https://github.com/jian-xian/cve-poc/blob/master/cve-2020-10263.md
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2020-10263
Trust: 2.0
url:https://www.youtube.com/watch?v=cr5dupgxml4
Trust: 1.6
url:https://sec.xiaomi.com
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10263
Trust: 0.8
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2020-27286 // 
            
            
            
            JVNDB: JVNDB-2020-003880 // 
            
            
            
            CNNVD: CNNVD-202004-484 // 
            
            
            
            NVD: CVE-2020-10263

SOURCES
db:OTHERid: - 
db:CNVDid:CNVD-2020-27286
db:JVNDBid:JVNDB-2020-003880
db:CNNVDid:CNNVD-202004-484
db:NVDid:CVE-2020-10263

LAST UPDATE DATE
2025-01-30T20:52:13.324000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-27286date:2020-05-09T00:00:00
db:JVNDBid:JVNDB-2020-003880date:2020-04-27T00:00:00
db:CNNVDid:CNNVD-202004-484date:2020-04-14T00:00:00
db:NVDid:CVE-2020-10263date:2024-11-21T04:55:05.433

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-27286date:2020-05-09T00:00:00
db:JVNDBid:JVNDB-2020-003880date:2020-04-27T00:00:00
db:CNNVDid:CNNVD-202004-484date:2020-04-08T00:00:00
db:NVDid:CVE-2020-10263date:2020-04-08T18:15:15.277