Android Application Vulnerability in Lenovo Service Framework
CVE-2017-3760
8.1HIGH
What is CVE-2017-3760?
The Lenovo Service Framework Android application employs insecure credentials during the integrity verification of downloaded applications and data. This flaw exposes users to man-in-the-middle attacks, allowing malicious actors to intercept communications and potentially execute remote code, placing sensitive information and device integrity at risk.
Affected Version(s)
Service Framework application various versions