Lenovo: >> Vibe A6020i37 Security Vulnerabilities
On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device).
CVSS Score
7.8
EPSS Score
0.0
Published
2017-06-29
On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.
CVSS Score
6.4
EPSS Score
0.0
Published
2017-06-29
On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.
CVSS Score
6.4
EPSS Score
0.0
Published
2017-06-29