Privilege Escalation Vulnerability in Lenovo VIBE Mobile Phones via Idea Friend App
CVE-2017-3749
6.4MEDIUM
Key Information:
- Vendor
Lenovo
- Vendor
- CVE Published:
- 29 June 2017
What is CVE-2017-3749?
The Idea Friend Android application on Lenovo VIBE mobile phones has a security flaw that enables unauthorized access to private data. This vulnerability allows users to back up and restore data via the Android Debug Bridge (ADB), which can be exploited to manipulate the device’s permissions and escalate privileges. This issue is compounded when viewed alongside other associated vulnerabilities, leading to significant security concerns for users of the affected mobile devices.
Affected Version(s)
Lenovo Vibe and Lenovo China-only Moto Mobile Phones Earlier than 6.0