CVE-2023-26323 HIGH

CVE-2023-26323: Xiaomi App Market has a code execution vulnerability

Vendor Xiaomi
Product App Market
Published August 28, 2024
Last update March 2, 2026

CVSS base score

7.6/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L

What the vulnerability does

01Description

A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is caused by unsafe configuration and can be exploited by attackers to execute arbitrary code.

Key dates

02Disclosure timeline

August 28, 2024 CVE published
March 2, 2026 Record updated