Lenovo : Security Vulnerabilities, CVEs, Published In 2017 CVSS score >= 9

CVE-2017-3761

The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution.
Max CVSS
10.0
EPSS Score
0.41%
Published
2017-10-17
Updated
2019-10-03

CVE-2017-3758

Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution.
Max CVSS
9.8
EPSS Score
0.95%
Published
2017-10-17
Updated
2019-10-03

CVE-2016-8237

Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code.
Max CVSS
9.3
EPSS Score
0.59%
Published
2017-04-10
Updated
2017-04-17

CVE-2016-8233

Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user.
Max CVSS
9.8
EPSS Score
0.24%
Published
2017-03-01
Updated
2017-03-03
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close