Описание
A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45
that could allow a local user to execute code with elevated privileges.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.45.0 (исключая)Версия до 2.4.1.1 (исключая)Версия до 1.3.1.2 (исключая)
Одно из
cpe:2.3:a:lenovo:diagnostics:*:*:*:*:*:*:*:*
cpe:2.3:a:lenovo:hardwarescan_addin:*:*:*:*:*:*:*:*
cpe:2.3:a:lenovo:hardwarescan_plugin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.84573
Высокий
7.8 High
CVSS3
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges.
EPSS
Процентиль: 99%
0.84573
Высокий
7.8 High
CVSS3
Дефекты
CWE-787