CVE-2018-9070 - OpenCVE

For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo.

No CVSS v3.1

Attack Vector Physical

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Lenovo	Smart Assistant

Configuration 1 [-]

cpe:2.3:a:lenovo:smart_assistant:*:*:*:*:*:android:*:*

References

Link	Resource
https://support.lenovo.com/us/en/solutions/LEN-22172	Mitigation Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: lenovo

Published: 2018-07-13T00:00:00

Updated: 2018-07-13T15:57:01

Reserved: 2018-03-27T00:00:00

Link: CVE-2018-9070

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-07-13T16:29:00.643

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-9070

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "Lenovo Smart Assistant", "vendor": "Lenovo Group Ltd.", "versions": [{"status": "affected", "version": "Earlier than 12.1.82"}]}], "datePublic": "2018-07-13T00:00:00", "descriptions": [{"lang": "en", "value": "For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo."}], "problemTypes": [{"descriptions": [{"description": "Root access of the device", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-07-13T15:57:01", "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.lenovo.com/us/en/solutions/LEN-22172"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@lenovo.com", "DATE_PUBLIC": "2018-07-13T00:00:00", "ID": "CVE-2018-9070", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Lenovo Smart Assistant", "version": {"version_data": [{"version_value": "Earlier than 12.1.82"}]}}]}, "vendor_name": "Lenovo Group Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Root access of the device"}]}]}, "references": {"reference_data": [{"name": "https://support.lenovo.com/us/en/solutions/LEN-22172", "refsource": "CONFIRM", "url": "https://support.lenovo.com/us/en/solutions/LEN-22172"}]}}}}, "cveMetadata": {"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "assignerShortName": "lenovo", "cveId": "CVE-2018-9070", "datePublished": "2018-07-13T00:00:00", "dateReserved": "2018-03-27T00:00:00", "dateUpdated": "2018-07-13T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:smart_assistant:*:*:*:*:*:android:*:*", "matchCriteriaId": "147F093A-AF17-4B94-82AE-D477AFFF897A", "versionEndExcluding": "12.1.82", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo."}, {"lang": "es", "value": "Para la aplicaci\u00f3n de Android Lenovo Smart Assistant en versiones anteriores a la 12.1.82, un atacante con acceso f\u00edsico al altavoz inteligente puede, pulsando una determinada secuencia de botones, entrar en el modo de pruebas de f\u00e1brica y habilitar un servicio web destinado a probar el dispositivo. Como con la mayor\u00eda de modos de prueba, \u00e9ste proporciona privilegios extras, incluyendo el cambio de configuraci\u00f3n y la ejecuci\u00f3n de c\u00f3digo. Lenovo Smart Assistant es un altavoz inteligente dise\u00f1ado para Amazon Alexa desarrollado por Lenovo."}], "id": "CVE-2018-9070", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-07-13T16:29:00.643", "references": [{"source": "psirt@lenovo.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://support.lenovo.com/us/en/solutions/LEN-22172"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}