Lenovo: >> System Update Plugin Security Vulnerabilities
A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files.
CVSS Score
6.1
EPSS Score
0.0
Published
2023-10-27
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and earlier that could allow a local attacker to execute arbitrary code with elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-27
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3.0.5 and earlier that could allow a local attacker to delete contents of an arbitrary directory under certain conditions.
CVSS Score
6.1
EPSS Score
0.0
Published
2023-10-27