▲ 0 r/XiaomiGlobal
u/Double_A_92 — 1 month ago
My Xiaomi 15T Pro (EEA, codename klimt_eea_global) has been on OS3.0.9.0.WOSEUXM for a long time, despite knowing that newer versions (e.g.OS3.0.302.0) exist. The system updater always reports "no update available" and the update check returns a completely normal looking response.
After some investigation, I think I found the root cause! ...And it has nothing to do with regional restrictions or staged rollouts.
I started by looking at the Mi PC Suite desktop application. When you use it to check for updates, it sends the exact same encrypted request to update.miui.com/updates/miotaV3.php that the phone does, but over plain HTTP, which makes inspection much easier. The request body is q=<encrypted_base64>&t=&s=1. The encryption is AES-128-CBC with a key and IV that have been public for years (key = miuiotavalided11, IV = 0102030405060708).
Decrypting the q parameter from my phone’s request gave me this JSON:
{
"b": "F",
"c": "15",
"d": "klimt_eea_global",
"f": "1",
"isR": 1,
"l": "en",
"n": "",
"options": {
"zone": "2"
},
"pcid": "ba00345174c0f26cd3a1a91cea861161",
"pkg": "50d92df4f806f6f8120ef6e0df87a45f",
"r": "GB",
"sid": "1002",
"sn": "0x1d1d94560a48e9e8b7bb7d83b123b60df5d76ffe73043db0c5fa7159",
"v": "OS3.0.9.0.WOSEUXM"
}
And the server responded with this (no update):
{
"VersionBoot": "",
"Signup": {
"version": "",
"total": "",
"rank": ""
},
"AuthResult": 0,
"Code": {
"code": 2000,
"message": "success"
},
"TraceId": "0bab289eeac93f8732fb42005b9d63f2"
}
Everything looks fine, the server says success. But if you look at the request, the c field is set to 15.
I believe c represents the codebase (the Android version the device is currently on). When my phone received its last update to OS3.0.9.0, it looks like this value was not updated to reflect the new Android base. So the device still reports c=15, even though the server expects c=16 for this firmware branch.
To test this, I changed c from 15 to 16, re-encrypted the request, and sent it again. The server immediately returned an update!!!:
{
"UserLevel": 9,
"CurrentRom": {
"type": "rom",
"device": "klimt_eea_global",
"name": "3.0.9.0.WOSEUXM",
"descriptionUrl": "http://update.miui.com/updates/updateinfo/en_default.html",
"md5": "a0402c50eab08220d4aff3b02a3d5702",
"codebase": "16.0",
"branch": "F",
"filename": "klimt_eea_global-ota_full-OS3.0.9.0.WOSEUXM-user-16.0-a0402c50ea.zip",
"filesize": "6.8G",
"version": "OS3.0.9.0.WOSEUXM",
"Erase": 0,
"isBeta": 0,
"isGov": 0
},
"AuthResult": 0,
"Code": {
"code": 2000,
"message": "success"
},
"PkgRom": {
"type": "ota",
"device": "klimt_eea_global",
"name": "3.0.302.0.WOSEUXM",
"description": "MIUI\u5347\u7ea7",
"descriptionUrl": "http://update.miui.com/updates/updateinfo/en_default.html",
"md5": "50d92df4f806f6f8120ef6e0df87a45f",
"codebase": "16.0",
"branch": "F",
"filename": "klimt_eea_global-ota_incremental-OS3.0.9.0.WOSEUXM-OS3.0.302.0.WOSEUXM-user-16.0-50d92df4f8.zip",
"filesize": "1.8G",
"version": "OS3.0.302.0.WOSEUXM",
"versionForApply": "OS3.0.9.0.WOSEUXM",
"Validate": "sJCX/YfJ2I5xcOzGojRFzAWGOomW6KItSCXZBvEjpb5MXWfkhs1FtzvPHNJQrb+3OtZGbqrgwYMk4x2pB95QHcAtyEmX24P+rPTI6ihRDZWrGoH0ev5l10WhzTmkzmfdH5tcMYWzDTKntGZCe2bbg/DSp+7POXsQ6T92aPwav/TdT4PRK9hYTYlUU8Aipxkec6op9gBKLNBCAn2PL/H+GFu4T7G/syAr/nESJfZMlB+ZGyOUJlfEcIAyCu7RMs6tJXkSuYcdv18/paQrcSNJqEdtvb1770uyc1TulAZVX66euWolA9wF7CPyB6Ykp7HCsuGoLqFjBvr5XapSZkY5mA==",
"Erase": 0,
"isBeta": 0,
"isGov": 0
},
"TraceId": "4c96fc60ddae80fc0be15e36da8576e8"
}
So the server isn’t broken, it’s just silently ignoring update requests when the c value doesn’t match what it expects. There is no error message, no "wrong client version" warning, just a success code and an empty response, making the phone think it’s up to date.
It is very well possible that every device that received 3.0.9.0.WOSEUXM as the first update from HyperOS 2 is stuck in this limbo.
I’m posting this in hope that someone at Xiaomi takes a look and either:
- Updates the 3.0.9.0.WOSEUXM ROM to report
c=16correctly, or - Adjusts the server to accept
c=15for this device / ROM combination.
u/Double_A_92 — 1 month ago