CVE-2017-3749

MEDIUM

Lenovo VIBE - Privilege Escalation

Title source: llm

Description

On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.

References (1)

Scores

CVSS v3 6.4
EPSS 0.0001
EPSS Percentile 2.5%
Attack Vector PHYSICAL
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (2)
google/android < 5.1.1
Lenovo Group Ltd./Lenovo Vibe and Lenovo China-only Moto Mobile Phones < Earlier than 6.0
Published Jun 29, 2017
Tracked Since Feb 18, 2026