Lucene search

LenovoCVELIST:CVE-2023-5080

HistoryJan 19, 2024 - 8:06 p.m.

CVE-2023-5080

2024-01-1920:06:30

CWE-266

lenovo

www.cve.org

cve-2023-5080

privilege escalation

lenovo tablet

device identifiers

system commands

CVSS3

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

EPSS

Percentile

9.0%

JSON

A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Tablet",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-142135

CVSS3

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2023-5080