// For flags

CVE-2017-3748

 

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device).

En los teléfonos móviles Lenovo VIBE, los controles de acceso incorrectos en el componente nac_server puede emplearse junto con CVE-2017-3749 y CVE-2017-3750 para elevar los privilegios a usuario root (conocido comúnmente como "rooting" o "jail breaking" de un dispositivo).

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-12-16 CVE Reserved
  • 2017-06-29 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A1600
Search vendor "Lenovo" for product "Vibe A1600"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A2560
Search vendor "Lenovo" for product "Vibe A2560"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A2800
Search vendor "Lenovo" for product "Vibe A2800"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A2860
Search vendor "Lenovo" for product "Vibe A2860"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A2880
Search vendor "Lenovo" for product "Vibe A2880"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A3000
Search vendor "Lenovo" for product "Vibe A3000"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A3500
Search vendor "Lenovo" for product "Vibe A3500"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A3600-d
Search vendor "Lenovo" for product "Vibe A3600-d"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A3600u
Search vendor "Lenovo" for product "Vibe A3600u"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A3800-d
Search vendor "Lenovo" for product "Vibe A3800-d"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A3900
Search vendor "Lenovo" for product "Vibe A3900"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A6000
Search vendor "Lenovo" for product "Vibe A6000"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A6000-i
Search vendor "Lenovo" for product "Vibe A6000-i"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A6020i37
Search vendor "Lenovo" for product "Vibe A6020i37"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A6600
Search vendor "Lenovo" for product "Vibe A6600"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe A6800
Search vendor "Lenovo" for product "Vibe A6800"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe K30-e
Search vendor "Lenovo" for product "Vibe K30-e"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe K30-w-cu
Search vendor "Lenovo" for product "Vibe K30-w-cu"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe K32c30
Search vendor "Lenovo" for product "Vibe K32c30"
--
Safe
Google
Search vendor "Google"
Android
Search vendor "Google" for product "Android"
<= 5.1.1
Search vendor "Google" for product "Android" and version " <= 5.1.1"
-
Affected
in Lenovo
Search vendor "Lenovo"
Vibe K80m
Search vendor "Lenovo" for product "Vibe K80m"
--
Safe