cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-3701,https://securityvulnerability.io/vulnerability/CVE-2022-3701,Privilege Elevation Vulnerability in Lenovo Vantage SystemUpdate Plugin,"A privilege elevation vulnerability has been identified in the Lenovo Vantage SystemUpdate plugin, specifically in version 2.0.0.212 and earlier. This vulnerability could allow a local attacker to leverage this flaw to execute arbitrary code with elevated privileges, potentially leading to unauthorized access and control over affected systems. It is essential for users to ensure they are using the latest version of the software to mitigate the risk associated with this vulnerability.",Lenovo,Vantage Systemupdate Plugin,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-27T19:38:49.759Z,0
CVE-2022-3700,https://securityvulnerability.io/vulnerability/CVE-2022-3700,TOCTOU Vulnerability in Lenovo Vantage SystemUpdate Plugin,"A Time of Check Time of Use (TOCTOU) vulnerability exists in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier. This flaw potentially enables a local attacker to exploit the timing discrepancies between the file validation check and its subsequent use, resulting in the deletion of arbitrary files on the system. Such vulnerabilities can pose significant risks to the integrity and availability of data, as unauthorized alterations or deletions may occur, leading to operational disruptions.",Lenovo,Vantage Systemupdate Plugin,6.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-27T19:32:04.281Z,0