Описание
A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.9.3 (исключая)
cpe:2.3:a:lenovo:installation_package:*:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.0004
Низкий
6.7 Medium
CVSS3
6.5 Medium
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-426
CWE-426
Связанные уязвимости
github
больше 3 лет назад
A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges.
EPSS
Процентиль: 12%
0.0004
Низкий
6.7 Medium
CVSS3
6.5 Medium
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-426
CWE-426