CVE-2020-8345

Опубликовано: 14 окт. 2020

Источник: nvd

CVSS3: 7.3

CVSS3: 7.8

CVSS2: 4.4

EPSS Низкий

Описание

A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.

Ссылки

https://support.lenovo.com/us/en/product_security/LEN-44421
Vendor Advisory
https://support.lenovo.com/us/en/product_security/LEN-44421
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lenovo:hardware_scan:*:*:*:*:*:lenovo_vantage:*:*

Версия до 1.0.46.11 (исключая)

EPSS

Процентиль: 21%

0.00068

Низкий

7.3 High

CVSS3

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-427

Связанные уязвимости

GHSA-rrmc-v4r3-q6v9

github

больше 3 лет назад

A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.

EPSS

Процентиль: 21%

0.00068

Низкий

7.3 High

CVSS3

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-427