Vulnerability Details CVE-2018-20823
The gyroscope on Xiaomi Mi 5s devices allows attackers to cause a denial of service (resonance and false data) via a 20.4 kHz audio signal, aka a MEMS ultrasound attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://hackaday.com/2018/07/17/freak-out-your-smartphone-with-ultrasound/
- https://medium.com/%40juliodellaflora/ultrassom-pode-causar-anomalias-no-girosc%C3%B3pio-do-xiaomi-mi5s-plus-4050d718bc7f
- https://hackaday.com/2018/07/17/freak-out-your-smartphone-with-ultrasound/
- https://medium.com/%40juliodellaflora/ultrassom-pode-causar-anomalias-no-girosc%C3%B3pio-do-xiaomi-mi5s-plus-4050d718bc7f
Products affected by CVE-2018-20823
-
cpe:2.3:h:mi:mi_5s:-
-
cpe:2.3:o:mi:mi_5s_firmware:-