Vulnerabilities > Lenovo > Service Framework
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-17 | CVE-2017-3761 | OS Command Injection vulnerability in Lenovo Service Framework The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. | 10.0 |
| 2017-10-17 | CVE-2017-3760 | Improper Validation of Integrity Check Value vulnerability in Lenovo Service Framework The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. | 5.1 |
| 2017-10-17 | CVE-2017-3759 | Improper Input Validation vulnerability in Lenovo Service Framework The Lenovo Service Framework Android application accepts some responses from the server without proper validation. | 6.8 |
| 2017-10-17 | CVE-2017-3758 | Unspecified vulnerability in Lenovo Service Framework Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution. | 7.5 |