Lenovo Service Framework — known CVE vulnerabilities
Every CVE whose affected-product data names Lenovo Service Framework, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2017-3758 — CVSS 9.8 (critical): Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code…
CVE-2017-3761 — CVSS 9.8 (critical): The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain…
CVE-2017-3759 — CVSS 8.1 (high): The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the…
CVE-2017-3760 — CVSS 8.1 (high): The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded…