CVE-2017-3761

Summary

The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution.

Affected Software

VendorProductVersion RangeStatus
Lenovo Group Ltd.Service Framework applicationvarious versionsaffected

Weaknesses

  • Remote code execution

ADP Enrichment

CVE Program Container

Additional References

References