First published: Tue Oct 17 2017(Updated: )
The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo Service Framework Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.