10 matches found
EUVD-2017-12865
Malware in sbrugna...
Privilege escalation
On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750...
CVE-2017-3750
On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749...
Improper access control
On Lenovo VIBE mobile phones, improper access controls on the nacserver component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user commonly known as 'rooting' or "jail breaking" a device...
CVE-2017-3748
On Lenovo VIBE mobile phones, improper access controls on the nacserver component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user commonly known as 'rooting' or "jail breaking" a device...
CVE-2017-3750
On Lenovo VIBE phones, the Lenovo Security Android app allows private data to be backed up and restored via Android Debug Bridge, enabling tampering that leads to privilege escalation when exploited with CVE-2017-3748 and CVE-2017-3749. The root cause is described as improper access controls on t...
CVE-2017-3749
CVE-2017-3749 affects Lenovo VIBE phones (Idea Friend Android app). The vulnerability allows private data to be backed up and restored via Android Debug Bridge, enabling tampering that leads to privilege escalation when exploited with CVE-2017-3748 and CVE-2017-3750. Connected sources also descri...
Back That App Up: Gaining Root on the Lenovo Vibe
In May of 2016, Mandiant’s Red Team discovered a series of vulnerabilities present on Lenovo’s Vibe P1 Android-based mobile device that allow local privilege escalation to the user “root”. Mandiant disclosed these vulnerabilities to Lenovo in May of 2016. Lenovo advised Mandiant that it should wo...
Back That App Up: Gaining Root on the Lenovo Vibe
In May of 2016, Mandiant’s Red Team discovered a series of vulnerabilities present on Lenovo’s Vibe P1 Android-based mobile device that allow local privilege escalation to the user “root”. Mandiant disclosed these vulnerabilities to Lenovo in May of 2016. Lenovo advised Mandiant that it should wo...
Local Root Exploit on Lenovo VIBE Mobile Phones - us
Lenovo Security Advisory: LEN-15823 Potential Impact: Elevation of Privilege Severity: Medium Scope of Impact: Lenovo specific CVE Identifier: CVE-2017-3748, CVE-2017-3749, CVE-2017-3750 Summary Description: Vulnerabilities have been identified on Lenovo VIBE Mobile Phones that allow the user or ...