Описание
A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до mar-2019 (исключая)
Одновременно
cpe:2.3:a:lenovo:bootable_usb:*:*:*:*:*:windows:*:*
Одно из
cpe:2.3:h:lenovo:ideacentre:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkcentre:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkstation:-:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00239
Низкий
5.3 Medium
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-426
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system.
EPSS
Процентиль: 47%
0.00239
Низкий
5.3 Medium
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-426