Vulnerability Details CVE-2022-0354
A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.3%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 7.2
References
Products affected by CVE-2022-0354
-
cpe:2.3:a:lenovo:system_update:-
-
cpe:2.3:a:lenovo:system_update:5.06.0027
-
cpe:2.3:a:lenovo:system_update:5.06.0034
-
cpe:2.3:a:lenovo:system_update:5.06.0043
-
cpe:2.3:a:lenovo:system_update:5.07.0008
-
cpe:2.3:a:lenovo:system_update:5.07.0013
-
cpe:2.3:a:lenovo:system_update:5.07.0019
-
cpe:2.3:a:lenovo:system_update:5.07.0072
-
cpe:2.3:a:lenovo:system_update:5.07.0084
-
cpe:2.3:a:lenovo:system_update:5.07.0088
-
cpe:2.3:a:lenovo:system_update:5.07.0106
-
cpe:2.3:a:lenovo:system_update:5.08.01.0005
-
cpe:2.3:a:lenovo:system_update:5.08.02.25