← Back to CVEs
CVE-2017-3748
N/ADescription
On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device).
CVE Details
CVSS v3.1 ScoreN/A
Published6/29/2017
Last Modified4/20/2025
Sourcenvd
Honeypot Sightings0
Affected Products
google:androidlenovo:vibe_a1600lenovo:vibe_a2560lenovo:vibe_a2800lenovo:vibe_a2860lenovo:vibe_a2880lenovo:vibe_a3000lenovo:vibe_a3500lenovo:vibe_a3600-dlenovo:vibe_a3600ulenovo:vibe_a3800-dlenovo:vibe_a3900lenovo:vibe_a6000lenovo:vibe_a6000-ilenovo:vibe_a6020i37lenovo:vibe_a6600lenovo:vibe_a6800lenovo:vibe_k30-elenovo:vibe_k30-w-culenovo:vibe_k32c30lenovo:vibe_k80m
References
http://www.securityfocus.com/bid/99295(psirt@lenovo.com)
https://support.lenovo.com/us/en/product_security/LEN-15823(psirt@lenovo.com)
http://www.securityfocus.com/bid/99295(af854a3a-2127-422b-91ae-364da2661108)
https://support.lenovo.com/us/en/product_security/LEN-15823(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.