CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6044
https://notcve.org/view.php?id=CVE-2023-6044
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Service and execute arbitrary code with elevated privileges. Se informó una vulnerabilidad de escalada de privilegios en Lenovo Vantage que podría permitir que un atacante local con acceso físico se haga pasar por Lenovo Vantage Service y ejecute código arbitrario con privilegios elevados. • https://support.lenovo.com/us/en/product_security/LEN-144736 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6043
https://notcve.org/view.php?id=CVE-2023-6043
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges. Se informó de una vulnerabilidad de escalada de privilegios en Lenovo Vantage que podría permitir a un atacante local eludir las comprobaciones de integridad y ejecutar código arbitrario con privilegios elevados. • https://support.lenovo.com/us/en/product_security/LEN-144736 • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8327
https://notcve.org/view.php?id=CVE-2020-8327
A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges. Se reportó una vulnerabilidad de escalada de privilegios en LenovoBatteryGaugePackage para Lenovo System Interface Foundation incorporado en Lenovo Vantage versión 10.2003.10.0, que podría permitir a un usuario autenticado ejecutar código con privilegios elevados. • https://support.lenovo.com/us/en/product_security/LEN-30401 • CWE-269: Improper Privilege Management CWE-428: Unquoted Search Path or Element •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8316
https://notcve.org/view.php?id=CVE-2020-8316
A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the system with elevated privileges. Se reportó una vulnerabilidad en Lenovo Vantage versiones anteriores a 10.2003.10.0, que podría permitir a un usuario autenticado leer archivos en el sistema con privilegios elevados. • https://support.lenovo.com/us/en/product_security/LEN-30401 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •