CVE-2017-3750 Information

Description

On Lenovo VIBE mobile phones the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.

CVSS Vector

CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://support.lenovo.com/us/en/product_security/LEN-15823

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.4