High severity8.1NVD Advisory· Published Oct 17, 2017· Updated Jun 17, 2026
CVE-2017-3760
CVE-2017-3760
Description
The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.
Affected products
2- cpe:2.3:a:lenovo:service_framework:-:*:*:*:*:android:*:*
- Range: various versions
Patches
Vulnerability mechanics
References
1- support.lenovo.com/us/en/product_security/LEN-15374nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.