{"api_version":"1","generated_at":"2026-04-23T09:52:15+00:00","cve":"CVE-2020-14123","urls":{"html":"https://cve.report/CVE-2020-14123","api":"https://cve.report/api/cve/CVE-2020-14123.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-14123","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-14123"},"summary":{"title":"CVE-2020-14123","description":"There is a pointer double free vulnerability in Some MIUI Services. When a function is called, the memory pointer is copied to two function modules, and an attacker can cause the pointer to be repeatedly released through malicious operations, resulting in the affected module crashing and affecting normal functionality, and if successfully exploited the vulnerability can cause elevation of privileges.","state":"PUBLIC","assigner":"security@xiaomi.com","published_at":"2022-04-22 16:15:00","updated_at":"2022-05-03 20:44:00"},"problem_types":["CWE-415"],"metrics":[],"references":[{"url":"https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=134","name":"https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=134","refsource":"MISC","tags":[],"title":"产品安全中心","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-14123","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14123","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"14123","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mi","cpe5":"miui","cpe6":"12.5.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2020-14123","ASSIGNER":"security@xiaomi.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"MIUI","version":{"version_data":[{"version_value":"MIUI version 12.5.2"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Pointer Double Free Vulnerability"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=134","url":"https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=134"}]},"description":{"description_data":[{"lang":"eng","value":"There is a pointer double free vulnerability in Some MIUI Services. When a function is called, the memory pointer is copied to two function modules, and an attacker can cause the pointer to be repeatedly released through malicious operations, resulting in the affected module crashing and affecting normal functionality, and if successfully exploited the vulnerability can cause elevation of privileges."}]}},"nvd":{"publishedDate":"2022-04-22 16:15:00","lastModifiedDate":"2022-05-03 20:44:00","problem_types":["CWE-415"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:mi:miui:12.5.2:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"14123","Ordinal":"175349","Title":"CVE-2020-14123","CVE":"CVE-2020-14123","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"14123","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}