CPE-460CB6AE-0262-4506-9224-8BD8950ABA66 Detail

CPE Details

Mi Xiaomi XiaoAI Speaker Pro LX06

Vendor

Product

xiaomi_xiaoai_speaker_pro_lx06

Version

Created

2020-04-09
11h29 +00:00

Modified

2021-06-23
14h30 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:h:mi:xiaomi_xiaoai_speaker_pro_lx06:-:::::::*

Informations

Vendor

Product

xiaomi_xiaoai_speaker_pro_lx06

Version

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2020-10263	2020-04-08 15h31 +00:00	An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, (iii) use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, (iv) eavesdrop on users and record what XIAOMI XIAOAI speaker Pro LX06 hears, (v) modify system files, (vi) use commands to send any IR code through IR emitter on XIAOMI XIAOAI Speaker Pro LX06, (vii) stop voice assistant service, (viii) enable the XIAOMI XIAOAI Speaker Pro’ SSH or TELNET service as a backdoor, (IX) tamper with the router configuration of the router in the local area networks.	6.8	Medium
CVE-2020-10262	2020-04-08 15h26 +00:00	An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the mi_console command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, (iii) use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, (iv) eavesdrop on users and record what XIAOMI XIAOAI speaker Pro LX06 hears, (v) modify system files, (vi) use commands to send any IR code through IR emitter on XIAOMI XIAOAI Speaker Pro (LX06), (vii) stop voice assistant service, (viii) enable the XIAOMI XIAOAI Speaker Pro’s SSH or TELNET service as a backdoor, (IX) tamper with the router configuration of the router in the local area networks.	6.8	Medium

Mi Xiaomi XiaoAI Speaker Pro LX06

CPE Details

CPE Name: cpe:2.3:h:mi:xiaomi_xiaoai_speaker_pro_lx06:-:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:h:mi:xiaomi_xiaoai_speaker_pro_lx06:-:::::::*