Published: 22/04/2022 Updated: 04/05/2022
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released prior to 2022-02-25 that displays a command prompt window.

Most Upvoted Vulmon Research Post

Lenovo Commercial Vantage Tool Local Privilege Escalation:

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

lenovo system update