Critical severity9.8NVD Advisory· Published Oct 17, 2017· Updated May 13, 2026

CVE-2017-3761

Description

The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution.

Affected products

Lenovo/Service Framework
cpe:2.3:a:lenovo:service_framework:-:*:*:*:*:android:*:*
Lenovo Group Ltd./Service Framework Applicationv5
Range: various versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.lenovo.com/us/en/product_security/LEN-15374nvdPatchVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000