Vulnerability Description
An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get root shell by accessing the UART interface and then they can read Wi-Fi SSID or password, read the dialogue text files between users and XIAOMI AI speaker, use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, eavesdrop on users and record what XIAOMI AI speaker hears, delete the entire XIAOMI AI speaker system, modify system files, stop voice assistant service, start the XIAOMI AI speaker’s SSH service as a backdoor
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mi | Mdz-25-Dt Firmware | 1.34.36 |
| Mi | Mdz-25-Dt | - |
Related Weaknesses (CWE)
References
- https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2020-8994.mdExploitThird Party Advisory
- https://www.usenix.org/sites/default/files/soups2018posters-lau.pdfTechnical DescriptionThird Party Advisory
- https://youtu.be/yCadG38yZW8ExploitThird Party Advisory
- https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2020-8994.mdExploitThird Party Advisory
- https://www.usenix.org/sites/default/files/soups2018posters-lau.pdfTechnical DescriptionThird Party Advisory
- https://youtu.be/yCadG38yZW8ExploitThird Party Advisory
FAQ
What is CVE-2020-8994?
CVE-2020-8994 is a vulnerability with a CVSS score of 6.8 (MEDIUM). An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get root shell by accessing the UART interface and then they can read Wi-Fi SSID or password, read the dialog...
How severe is CVE-2020-8994?
CVE-2020-8994 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-8994?
Check the references section above for vendor advisories and patch information. Affected products include: Mi Mdz-25-Dt Firmware, Mi Mdz-25-Dt.