Welcome to Smokey's Security Forums.
As a guest you only have limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Advanced search  


Android security: Sneaky three-stage malware found in Google Play store

Tens of thousands of users have downloaded two newly uncovered forms of malware.
Another crop of Android apps hiding malware have been discovered in - and removed from - the Google Play store.

Android security: Sneaky three-stage malware found in Google Play store

Malware Log Analysis & Removal Help * Ransomware Encryption & Decrytion Techniques * Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on RedditShare this topic on TwitterAuthorTopic: Lenovo Smartphones Vulnerable to Local Root Exploits, Patches Available  (Read 44 times)

0 Members and 1 Guest are viewing this topic.

BarbosaTopic starter

  • Updates Moderator
  • *
  • Offline Offline
  • location: The High Seas
  • Posts: 549
Lenovo Smartphones Vulnerable to Local Root Exploits, Patches Available
4 July 2017, 1:18 pm

Lenovo has confirmed that VIBE smartphones are vulnerable to a local root exploit due to three different vulnerabilities, with patches already available for some, but not all of the affected models.

The company explains in an advisory that an attacker with physical access to the device can obtain root privileges if no security system is configured, such as a PIN or password. Once root privileges are obtained, the attacker can “modify the device’s operation and functionality in myriad ways,” the company explains.

Lenovo says that one of the vulnerabilities, namely CVE-2017-374, allows improper access controls on the nac_server component, which can be abused in conjunction with other vulnerabilities, including CVE-2017-3749 and CVE-2017-3750. This allows attackers to gain root access to the device and eventually root it to get full control.

Rooting a device isn’t obviously the end of the world... (read more)

Source: Softpedia News / Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled

Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2017 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by Meg&Millie - Emma aka Tinker

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified FRST (Farbar Recovery Scan Tool) Log / Malware Analysis & Removal Help and System Health Checks