System Interface Foundation Security Vulnerabilities and Issues — System Interface Foundation CVE List

Lucene search

LenovoSystem Interface Foundation

9 matches found

CVE•added 2019/11/20 2:15 a.m.•86 views

CVE-2019-6186

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user.

8.8CVSS8.6AI score0.00599EPSS

CVE•added 2019/11/20 2:15 a.m.•78 views

CVE-2019-6189

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL.

7.8CVSS8.1AI score0.00145EPSS

CVE•added 2020/04/14 9:15 p.m.•59 views

CVE-2020-8324

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed.

5.5CVSS6.2AI score0.00062EPSS

CVE•added 2020/04/14 9:15 p.m.•58 views

CVE-2020-8318

A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges.

7.8CVSS7.8AI score0.00122EPSS

CVE•added 2020/04/14 9:15 p.m.•58 views

CVE-2020-8319

A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges.

7.8CVSS7.8AI score0.00122EPSS

CVE•added 2022/05/18 4:15 p.m.•51 views

CVE-2021-3969

A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3that could allow a local attacker to elevate privileges.

7.8CVSS6.7AI score0.00418EPSS

CVE•added 2022/05/18 4:15 p.m.•48 views

CVE-2021-3922

A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named pipe.

7.8CVSS6.6AI score0.00418EPSS

CVE•added 2016/11/29 8:59 p.m.•33 views

CVE-2016-8223

During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges.

7.8CVSS7.8AI score0.00034EPSS

CVE•added 2020/09/15 3:15 p.m.•30 views

CVE-2020-8346

A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard locations.

5.5CVSS5.4AI score0.00038EPSS