The lockscreen on Elephone P9000 devices (running Android 6.0) allows physically proximate attackers to bypass a wrong-PIN lockout feature by pressing backspace after each PIN guess.
Max CVSS
7.2
EPSS Score
0.07%
Published
2017-06-30
Updated
2019-10-03
On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.
Max CVSS
6.9
EPSS Score
0.05%
Published
2017-06-29
Updated
2019-10-03
On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.
Max CVSS
6.9
EPSS Score
0.05%
Published
2017-06-29
Updated
2019-10-03
An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: N/A. Android ID: A-34468195. References: M-ALPS03162283.
Max CVSS
7.6
EPSS Score
0.14%
Published
2017-06-14
Updated
2019-10-03
An elevation of privilege vulnerability in Bluetooth could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35385327.
Max CVSS
5.5
EPSS Score
0.05%
Published
2017-06-14
Updated
2017-07-08
An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35310230. References: M-ALPS03162263.
Max CVSS
7.6
EPSS Score
0.14%
Published
2017-06-14
Updated
2019-10-03
In all Android releases from CAF using the Linux kernel, libtomcrypt was updated.
Max CVSS
5.5
EPSS Score
0.10%
Published
2017-06-13
Updated
2017-07-08
In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten.
Max CVSS
5.5
EPSS Score
0.10%
Published
2017-06-13
Updated
2017-07-08
In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS.
Max CVSS
5.5
EPSS Score
0.10%
Published
2017-06-13
Updated
2017-07-08
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory.
Max CVSS
9.3
EPSS Score
0.10%
Published
2017-06-13
Updated
2017-07-08
In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications.
Max CVSS
5.5
EPSS Score
0.10%
Published
2017-06-13
Updated
2017-07-08
In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled.
Max CVSS
5.5
EPSS Score
0.09%
Published
2017-06-13
Updated
2017-07-08
In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-06-27
Updated
2017-07-05
In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection.
Max CVSS
9.3
EPSS Score
0.09%
Published
2017-06-13
Updated
2017-07-08
In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-08
18 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!