Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLenovoCVELIST:CVE-2017-3760
HistoryOct 17, 2017 - 8:00 p.m.

CVE-2017-3760

2017-10-1720:00:00
lenovo
www.cve.org
2

AI Score

8.2

Confidence

High

EPSS

0.003

Percentile

68.7%

JSON

The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.

CNA Affected

[
  {
    "product": "Service Framework application",
    "vendor": "Lenovo Group Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "various versions"
      }
    ]
  }
]

Related

cve 1
nvd 1
prion 1
lenovo 2
threatpost 1
cve
cve
CVE-2017-3760
2017-10-17 20:29:00
nvd
nvd
CVE-2017-3760
2017-10-17 20:29:00
prion
prion
Remote code execution
2017-10-17 20:29:00
lenovo
lenovo
Lenovo VIBE, Moto, and ZUK Mobile Phone Remote Code Execution Vulnerability - Lenovo Support US
2017-10-18 00:00:00
Lenovo Android Tablet and Lenovo VIBE, Moto, and ZUK Mobile Phone Remote Code Execution Vulnerability - us
2017-10-18 00:00:00
threatpost
threatpost
Lenovo Quietly Patches Massive Bug Impacting Its Android Tablets and Zuk, Vibe Phones
2017-10-17 09:00:10

AI Score

8.2

Confidence

High

EPSS

0.003

Percentile

68.7%

JSON
Related for CVELIST:CVE-2017-3760
cve1nvd1prion1lenovo2threatpost1