Lenovo Latest Vulnerabilities

October 11

Lenovo Service Framework Vulnerability Allows Local Attacker Execution with Elevated Privileges

LenovoService Framework7.8HIGH

Lenovo PC Manager AI Scenario Vulnerability

LenovoPc Manager Ai Intellig...7.8HIGH

Lenovo Personal Cloud Hijack Vulnerability

LenovoPersonal Cloud7.8HIGH

DLL Hijack Vulnerability in Lenovo Baiying Could Allow Code Execution with Elevated Privileges

LenovoBaiying7.8HIGH

Lenovo Leyun DLL Hijack Vulnerability Could Allow Local Attacker to Execute Code with Elevated Privileges

LenovoLeyun7.8HIGH

Lenovo stARstudio Hijack Vulnerability Could Allow Local Attacker to Execute Code with Elevated Privileges

LenovoStarstudio7.8HIGH

Lenovo Lock Screen Hijack Vulnerability Allows Local Attacker to Execute Code with Elevated Privileges

LenovoLock Screen7.8HIGH

Lenovo Emulator Hijack Vulnerability Allows Local Attacker Execution with Elevated Privileges

LenovoEmulator7.8HIGH

Lenovo App Store Hijack Vulnerability Allows Local Attacker Execution with Elevated Privileges

LenovoApp Store7.8HIGH

Lenovo Super File Hijack Vulnerability Could Allow Local Attacker to Execute Code with Elevated Privileges

LenovoSuperfile7.8HIGH

LenovoDolby Vision Provision...5.5MEDIUM

September 13

Hidden Server Vulnerability Could Allow Local Attackers to Execute Arbitrary Code

LenovoHx5530 Appliance (thin...6.7MEDIUM

LXCA Managed Device Vulnerability

LenovoXclarity Administrator6.5MEDIUM

Unmanaging LXCA Managed Devices through Web Interface

LenovoXclarity Administrator4.3MEDIUM

Privilege Escalation Vulnerability in LXCA with SSO Enabled

LenovoXclarity Administrator6.8MEDIUM

Command Injection Vulnerability in XCC SSH Captive Shell

LenovoHx5530 Appliance (thin...7.2HIGH

XCC Input Validation Weakness Could Lead to Command Injection or Denial of Service

LenovoHx5530 Appliance (thin...7.2HIGH

Privilege Escalation Vulnerability in XCC Allows Command Injection via File Uploads

LenovoHx5530 Appliance (thin...7.2HIGH

Possible Command Injection Vulnerability in XCC IPMI

LenovoHx5530 Appliance (thin...7.2HIGH

IPMI Credentials at Risk Due to Length of AccountUsername

LenovoHx5530 Appliance (thin...4.3MEDIUM

ThinkPad L390 Yoga Vulnerability Could Lead to Privilege Escalation

Lenovo10w (type 82st, 82su) ...6.8MEDIUM

Potential Buffer Overflow Vulnerability Affects Lenovo Servers

LenovoP360 Workstation (thin...6.7MEDIUM

Possible Buffer Overflow Vulnerability in Lenovo Notebooks

Lenovo100w Gen 3 Laptop (len...6.7MEDIUM

August 16

Unauthenticated Denial-of-Service Vulnerability Affects Lenovo Printers

Lenovo6.5MEDIUM

Unauthenticated Denial-of-Service Vulnerability Affects Lenovo Printers

Lenovo6.5MEDIUM

Local Privilege Escalation Vulnerability in Lenovo Display Control Center and Accessories and Display Manager

Unauthenticated Denial-of-Service Vulnerability Affects Lenovo Printers

Lenovo6.5MEDIUM

Lenovo Display Control Center and Accessories Vulnerability Could Lead to Privilege Escalation

Unauthenticated Denial-of-Service Vulnerability in Lenovo Printers

Lenovo6.5MEDIUM

Unauthenticated Denial-of-Service Vulnerability Affects Lenovo Printers

Lenovo6.5MEDIUM

July 31

Lenovo PC Manager Vulnerability Could Lead to System Reboot

LenovoPc Manager5.5MEDIUM

Lenovo PC Manager Privilege Escalation Vulnerability

LenovoPc Manager7.8HIGH

Lenovo PC Manager Vulnerability Allows Local Attacker to Escalate Privileges

LenovoPc Manager7.8HIGH

Lenovo Driver Manager Path Hijacking Vulnerability Could Lead to Code Execution

LenovoDriver Manager7.8HIGH

July 26

Privilege Escalation Vulnerability in IPMI Could Allow Arbitrary Code Execution

LenovoXclarity Controller7.2HIGH

Privilege Escalation Vulnerability in XCC Upload Processing

LenovoXclarity Controller7.2HIGH

Privilege Escalation Vulnerability Discovered in XCC Web Interface or SSH Captive Command Shell Interface

LenovoXclarity Controller7.2HIGH

Privilege Escalation Vulnerability in SSH Captive Command Shell Interface

LenovoXclarity Controller7.2HIGH

Specially crafted app can keep Lenovo Tab K10 device on

LenovoTab K102.8LOW

Privilege Escalation Vulnerability in XCC Could Allow Command Injection via IPMI Commands

LenovoXclarity Controller7.2HIGH

June 13

Privilege Escalation Vulnerability in Lenovo Service Bridge Could Allow OS Command Execution

LenovoService Bridge7.5HIGH

May 16

{"Unauthenticated Restart Vulnerability in Lenovo Printers"}

LenovoPrinters7.5HIGH

April 15

Buffer Overflow Vulnerability in Lenovo System Recovery Bootloader (2012-2014)

LenovoWindows 7 And 8 Pc Pre...6.4MEDIUM

Privilege Escalation Vulnerability in Lenovo Bootloader Could Allow Attackers to Modify Boot Manager and Escalate Privileges

LenovoWindows 7 And 8 Pc Pre...6.7MEDIUM

Command Injection Vulnerability in FPC Allows Elevated Privileges

LenovoSmm, Smm2, Fpc7.2HIGH

Authentication Bypass Vulnerability in IPMI Could Lead to Limited System Information Exposure

LenovoSmm, Smm2, Fpc7.5HIGH

Format String Vulnerability Affects API Endpoint

LenovoSmm, Smm2, Fpc8.8HIGH

Unauthorized Command Execution Vulnerability in IPMI

LenovoSmm, Smm2, Fpc7.2HIGH

April 5

Unauthenticated Reboot Vulnerability Affects Lenovo Printers

Potential Vulnerability in BIOS of Desktop Products Could Allow Local Attack with Elevated Privileges

LenovoDesktop BiOS, Smart Ed...6.7MEDIUM

Unauthenticated API Endpoint Vulnerability in Lenovo XClarity Administrator

LenovoXclarity Administrator6.5MEDIUM

Potential BIOS Update Tool Vulnerability Could Allow Local User Execution of Arbitrary Code

LenovoBiOS6.7MEDIUM

Lenovo Devices Vulnerable to Authentication Bypass Attacks

Lenovo6.3MEDIUM

Unauthenticated Password Dump Vulnerability Affects Lenovo Printers

LenovoPrinters7.5HIGH

Possible Memory Leak Vulnerability Affects Lenovo Notebooks

LenovoNotebook BiOS6.7MEDIUM

Lenovo Printers Vulnerable to Denial of Service Attacks

LenovoPrinters7.5HIGH

Lenovo Printers Vulnerable to Denial of Service Attack

LenovoPrinters4.9MEDIUM

Buffer Overflow Vulnerability in Lenovo Printers Could Lead to Denial of Service

Lenovo4.9MEDIUM

February 16

Servers Vulnerable to Attack via Manufacturing Mode

LenovoThinkSystem SR670 V22LOW

January 19

LenovoLenovo App Store Appli...5.5MEDIUM

LenovoVantage6.8MEDIUM

LenovoVantage7.8HIGH

LenovoTablet3.3LOW

LenovoTablet7.8HIGH

January 3

LenovoLenovo Browser Mobile6.5MEDIUM

LenovoUniversal Device Clien...7.8HIGH

November 8

LenovoDesktop BIOS6.7MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoBiOS6.7MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoDesktop BiOS4.4MEDIUM

LenovoDesktop BIOS6.7MEDIUM

LenovoBiOS6.7MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoDesktop BiOS4.4MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoBiOS6.7MEDIUM

LenovoBiOS6.7MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoBiOS6.7MEDIUM

LenovoLecloud Application7.5HIGH

LenovoDesktop BiOS6.7MEDIUM

Lenovo1Lenovo Preload Directory7.8HIGH

LenovoLenovo System Update7.8HIGH

LenovoLenovo View Driver5.5MEDIUM

LenovoThinkpad BiOS6.7MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoDesktop BiOS6.7MEDIUM

LenovoIdeapad Duet 3-10igl56.7MEDIUM

LenovoDesktop BiOS4.4MEDIUM

October 30

LenovoThinkpad BiOS6.7MEDIUM

LenovoThinkpad BiOS6.7MEDIUM

LenovoThinkpad BiOS6.7MEDIUM

LenovoThinkpad X1 Fold Gen 16.7MEDIUM

October 27

LenovoVantage Hardwarescan P...6.1MEDIUM

LenovoVantage Systemupdate P...7.8HIGH

LenovoVantage Systemupdate P...6.1MEDIUM

LenovoApp Store7.6HIGH