Lucene search
LenovoCVELIST:CVE-2020-8345HistoryOct 14, 2020 - 9:25 p.m.
CVE-2020-8345
2020-10-1421:25:20
CWE-427
lenovo
www.cve.org
2
dll search path
lenovo hardwarescan plugin
lenovo vantage
privilege escalation
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
27.2%
A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.
CNA Affected
[
{
"product": "Vantage HardwareScan Plugin",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.0.46.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
lenovo
lenovo
Lenovo Vantage HardwareScan Plugin Vulnerability - Lenovo Support NL
2020-10-06 23:15:43
Lenovo Vantage HardwareScan Plugin Vulnerability - Lenovo Support US
2020-10-06 23:15:43
prion
prion
Privilege escalation
2020-10-14 22:15:00
cve
cve
CVE-2020-8345
2020-10-14 22:15:13
nvd
nvd
CVE-2020-8345
2020-10-14 22:15:13
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
27.2%
Related for CVELIST:CVE-2020-8345