Android Vulnerabilities in Lenovo Vibe Allow Jailbreaking

Three vulnerabilities have been found on Lenovo Vibe mobile phones running on Lollipop and earlier versions of the Android OS that allow rooting of the device. According to a Levono advisory, the first vulnerability, CVE-2017-3748, consists of improper access controls on the nac_server component, which can be abused in combination with the remaining two bugs to elevate privileges to root user.

Read full news article on Infosecurity