GCVE - cpe:2.3:a:lenovo_group_ltd.:service_framework

Approved changes feed: RSS · Atom

cpe:2.3:a:lenovo_group_ltd.:service_framework_application:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Lenovo Group Ltd. (`f9245967-9607-50cc-9335-86283a892944`)
Product	Service Framework Application (`534bfa5b-7725-5465-b4a5-780c4d67bf45`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-3761`	vulnerable	2026-06-03 14:37:16.123758	Details available The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution. Published: 2017-10-17T20:00:00.000Z Updated: 2024-09-17T03:29:06.189Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-15374	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3760`	vulnerable	2026-06-03 14:37:16.123454	Details available The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution. Published: 2017-10-17T20:00:00.000Z Updated: 2024-09-16T23:26:54.261Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-15374	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3759`	vulnerable	2026-06-03 14:37:16.123129	Details available The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution. Published: 2017-10-17T20:00:00.000Z Updated: 2024-09-16T19:19:06.707Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-15374	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3758`	vulnerable	2026-06-03 14:37:16.122175	Details available Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution. Published: 2017-10-17T20:00:00.000Z Updated: 2024-09-16T22:45:00.460Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-15374	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Service Framework Application

PURL mappings

Vulnerability references

Contribute