cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12673,https://securityvulnerability.io/vulnerability/CVE-2024-12673,Improper Privilege Vulnerability in Lenovo Vantage on SMB Notebooks,"An improper privilege vulnerability exists in the BIOS customization feature of Lenovo Vantage designed for SMB notebook devices, enabling a local attacker to enhance their privileges on the system. This issue compromises security on affected Lenovo devices, including specific models from the V Series, ThinkBook, and ThinkPad E Series, potentially allowing unauthorized users to execute sensitive actions that should be restricted.",Lenovo,Vantage,8.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T20:31:18.910Z,0
CVE-2023-6044,https://securityvulnerability.io/vulnerability/CVE-2023-6044,Privilege Escalation Vulnerability in Lenovo Vantage Software,"A vulnerability exists in Lenovo Vantage that allows a local attacker with physical access to authenticate as the Lenovo Vantage Service. This flaw can be exploited to execute arbitrary code with elevated privileges, potentially compromising the system's integrity.",Lenovo,Vantage,6.8,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2024-01-19T20:09:05.706Z,0
CVE-2023-6043,https://securityvulnerability.io/vulnerability/CVE-2023-6043,Privilege Escalation in Lenovo Vantage Affects User Security,"A vulnerability in Lenovo Vantage has been identified, allowing local attackers to potentially escalate their privileges by bypassing crucial integrity checks. This flaw could lead to the execution of arbitrary code, presenting a significant risk to the security of affected systems. Users maintaining Lenovo Vantage are advised to monitor for updates and take precautionary measures to safeguard their environments. For detailed information, refer to the official Lenovo security advisory.",Lenovo,Vantage,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-19T20:08:26.945Z,0
CVE-2022-3702,https://securityvulnerability.io/vulnerability/CVE-2022-3702,Denial of Service Vulnerability in Lenovo Vantage HardwareScan Plugin by Lenovo,"A vulnerability has been identified in the Lenovo Vantage HardwareScan Plugin, which affects version 1.3.0.5 and earlier. This vulnerability allows a local attacker to delete contents from an arbitrary directory, potentially disrupting system functionality and user workflows. Attack vectors for this denial of service issue include exploitation under specific conditions, highlighting the need for immediate attention and remediation by affected users.",Lenovo,Vantage Hardwarescan Plugin,6.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-27T19:42:34.062Z,0
CVE-2022-3701,https://securityvulnerability.io/vulnerability/CVE-2022-3701,Privilege Elevation Vulnerability in Lenovo Vantage SystemUpdate Plugin,"A privilege elevation vulnerability has been identified in the Lenovo Vantage SystemUpdate plugin, specifically in version 2.0.0.212 and earlier. This vulnerability could allow a local attacker to leverage this flaw to execute arbitrary code with elevated privileges, potentially leading to unauthorized access and control over affected systems. It is essential for users to ensure they are using the latest version of the software to mitigate the risk associated with this vulnerability.",Lenovo,Vantage Systemupdate Plugin,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-27T19:38:49.759Z,0
CVE-2022-3700,https://securityvulnerability.io/vulnerability/CVE-2022-3700,TOCTOU Vulnerability in Lenovo Vantage SystemUpdate Plugin,"A Time of Check Time of Use (TOCTOU) vulnerability exists in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier. This flaw potentially enables a local attacker to exploit the timing discrepancies between the file validation check and its subsequent use, resulting in the deletion of arbitrary files on the system. Such vulnerabilities can pose significant risks to the integrity and availability of data, as unauthorized alterations or deletions may occur, leading to operational disruptions.",Lenovo,Vantage Systemupdate Plugin,6.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-27T19:32:04.281Z,0
CVE-2020-8345,https://securityvulnerability.io/vulnerability/CVE-2020-8345,DLL Search Path Flaw in Lenovo HardwareScan Plugin Exposes Lenovo Vantage Users to Escalation of Privilege Risks,"A vulnerability exists in the Lenovo HardwareScan Plugin, part of the Lenovo Vantage software, where improper handling of DLL search paths could lead to unauthorized privilege escalation. This flaw affects versions prior to 1.0.46.11, potentially allowing attackers to exploit the system's functionality beyond intended permissions, compromising system integrity and security.",Lenovo,Vantage Hardwarescan Plugin,7.3,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-10-14T21:25:20.000Z,0
CVE-2020-8316,https://securityvulnerability.io/vulnerability/CVE-2020-8316,File Access Vulnerability in Lenovo Vantage Software by Lenovo,"A security vulnerability in Lenovo Vantage prior to version 10.2003.10.0 allows authenticated users to read sensitive files on the system with elevated privileges. This breach can expose critical information and compromises system integrity, emphasizing the need for users to update to the latest version to mitigate potential risks.",Lenovo,Vantage,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-04-14T21:15:00.000Z,0
CVE-2020-8327,https://securityvulnerability.io/vulnerability/CVE-2020-8327,Privilege Escalation Vulnerability in Lenovo Battery Gauge Package,"A privilege escalation vulnerability exists in the Lenovo Battery Gauge Package included with the Lenovo System Interface Foundation, which is bundled in Lenovo Vantage prior to version 10.2003.10.0. This flaw allows authenticated users to execute code with elevated privileges, potentially leading to unauthorized access to system resources. It is imperative for users to update to the latest version to mitigate this risk.",Lenovo,Vantage,7.3,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-04-14T00:00:00.000Z,0