Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 4.4.3  Security Vulnerabilities
CVE-2017-6249
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34373711. References: N-CVE-2017-6249.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-07-13
CVE-2017-3748
On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device).
CVSS Score
7.8
EPSS Score
0.0
Published
2017-06-29
CVE-2017-3749
On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.
CVSS Score
6.4
EPSS Score
0.0
Published
2017-06-29
CVE-2017-3750
On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.
CVSS Score
6.4
EPSS Score
0.0
Published
2017-06-29
CVE-2015-3840
The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-06-27
CVE-2016-10335
In all Android releases from CAF using the Linux kernel, libtomcrypt was updated.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13
CVE-2016-10336
In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13
CVE-2016-10337
In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13
CVE-2016-10338
In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-06-13
CVE-2016-10339
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
CVSS Score
7.1
EPSS Score
0.001
Published
2017-06-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved