5 matches found
CVE-2020-8324
A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed...
CVE-2020-8324
CVE-2020-8324 affects Lenovo System Interface Foundation’s LenovoAppScenarioPluginSystem. A plugin contract runs under SYSTEM with signed package manifests, but an unchecked package name path (used to locate plugin updates) and inadequate DLL signature checks allowed unprivileged users to manipul...
Lenovo Vantage Vulnerabilities - Lenovo Support US
No description provided...
Lenovo Vantage Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-30401 Potential Impact: Escalation of Privilege, Improper Verification of Cryptographic Signature, Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8316, CVE-2020-8318, CVE-2020-8319, CVE-2020-8324, CVE-2020-8327 Summary Description: The...
PrivEsc in Lenovo Vantage. Two minutes later
TL;DR The latest and greatest Lenovo Vantage software which ships with the most recent Lenovo devices is affected by a privilege escalation vulnerability. Whilst Vantage has been released since circa 2016, the software replaced Lenovo Solutions Centre LSC as the recommended platform management an...