CVE-2017-3750

MEDIUM

Lenovo VIBE - Privilege Escalation

Title source: llm

Description

On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.

References (1)

[Mitigation, Vendor Advisory] https://support.lenovo.com/us/en/product_security/LEN-15823

Scores

CVSS v3 6.4

EPSS 0.0001

EPSS Percentile 2.5%

Attack Vector PHYSICAL

CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (2)

google/android < 5.1.1

Lenovo Group Ltd./Lenovo Vibe and Lenovo China-only Moto Mobile Phones < Earlier than 6.0

Published Jun 29, 2017

Tracked Since Feb 18, 2026