Vulnerability Details CVE-2022-3700
A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.7%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2022-3700
-
cpe:2.3:a:lenovo:hardware_scan_addin:*
-
cpe:2.3:a:lenovo:hardware_scan_plugin:*
-
cpe:2.3:a:lenovo:system_update_plugin:*