CVE-2024-4130
https://notcve.org/view.php?id=CVE-2024-4130
A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVE-2023-6450
https://notcve.org/view.php?id=CVE-2023-6450
An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service. Se informó una vulnerabilidad de permisos incorrectos en la aplicación Lenovo App Store que podría permitir a un atacante utilizar recursos del sistema, lo que provocaría una denegación de servicio. • https://iknow.lenovo.com.cn/detail/419672 • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •
CVE-2022-3611
https://notcve.org/view.php?id=CVE-2022-3611
An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications. Se ha identificado una vulnerabilidad de divulgación de información en Lenovo App Store que puede permitir que algunas aplicaciones obtengan acceso no autorizado a datos confidenciales del usuario utilizados por otras aplicaciones no relacionadas. • https://iknow.lenovo.com.cn/detail/205280.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •