Lucene search
LenovoCVELIST:CVE-2022-3699HistoryOct 24, 2023 - 8:48 p.m.
CVE-2022-3699
2023-10-2420:48:23
CWE-787
lenovo
www.cve.org
cve-2022-3699
vulnerability
lenovo
hardwarescanplugin
diagnostics
privilege escalation
code execution
local user
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.6%
A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to versionΒ 1.3.1.2 andΒ Lenovo Diagnostics prior to version 4.45
that could allow a local user to execute code with elevated privileges.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "HardwareScanPlugin ",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.3.1.2",
"status": "affected",
"version": " ",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Diagnostics",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "4.45",
"status": "affected",
"version": " ",
"versionType": "custom"
}
]
}
]Related
prion
prion
Privilege escalation
2023-10-25 18:17:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Lenovo Diagnostics
2022-11-09 14:15:30
cve
cve
CVE-2022-3699
2023-10-25 18:17:15
packetstorm
packetstorm
Lenovo Diagnostics Driver Memory Access
2023-02-03 00:00:00
zdt
zdt
Lenovo Diagnostics Driver Memory Access Exploit
2023-02-03 00:00:00
metasploit
metasploit
Lenovo Diagnostics Driver IOCTL memmove
2022-12-13 02:53:53
nvd
nvd
CVE-2022-3699
2023-10-25 18:17:15
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-02-10 19:39:42
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.6%
Related for CVELIST:CVE-2022-3699