Lenovo Latest Vulnerabilities

October 11

Lenovo Service Framework Vulnerability Allows Local Attacker Execution with Elevated Privileges

CVE-2024-33582
LenovoService Framework7.8HIGH

Lenovo PC Manager AI Scenario Vulnerability

CVE-2024-33581
LenovoPc Manager Ai Intellig...7.8HIGH

Lenovo Personal Cloud Hijack Vulnerability

CVE-2024-33580
LenovoPersonal Cloud7.8HIGH

DLL Hijack Vulnerability in Lenovo Baiying Could Allow Code Execution with Elevated Privileges

CVE-2024-33579
LenovoBaiying7.8HIGH

Lenovo Leyun DLL Hijack Vulnerability Could Allow Local Attacker to Execute Code with Elevated Privileges

CVE-2024-33578
LenovoLeyun7.8HIGH

Lenovo stARstudio Hijack Vulnerability Could Allow Local Attacker to Execute Code with Elevated Privileges

CVE-2024-9046
LenovoStarstudio7.8HIGH

Lenovo Lock Screen Hijack Vulnerability Allows Local Attacker to Execute Code with Elevated Privileges

CVE-2024-4132
LenovoLock Screen7.8HIGH

Lenovo Emulator Hijack Vulnerability Allows Local Attacker Execution with Elevated Privileges

CVE-2024-4131
LenovoEmulator7.8HIGH

Lenovo App Store Hijack Vulnerability Allows Local Attacker Execution with Elevated Privileges

CVE-2024-4130
LenovoApp Store7.8HIGH

Lenovo Super File Hijack Vulnerability Could Allow Local Attacker to Execute Code with Elevated Privileges

CVE-2024-4089
LenovoSuperfile7.8HIGH

CVE-2024-5474
LenovoDolby Vision Provision...5.5MEDIUM

September 13

Hidden Server Vulnerability Could Allow Local Attackers to Execute Arbitrary Code

CVE-2024-45105
LenovoHx5530 Appliance (thin...6.7MEDIUM

LXCA Managed Device Vulnerability

CVE-2024-45104
LenovoXclarity Administrator6.5MEDIUM

Unmanaging LXCA Managed Devices through Web Interface

CVE-2024-45103
LenovoXclarity Administrator4.3MEDIUM

Privilege Escalation Vulnerability in LXCA with SSO Enabled

CVE-2024-45101
LenovoXclarity Administrator6.8MEDIUM

Command Injection Vulnerability in XCC SSH Captive Shell

CVE-2024-8281
LenovoHx5530 Appliance (thin...7.2HIGH

XCC Input Validation Weakness Could Lead to Command Injection or Denial of Service

CVE-2024-8280
LenovoHx5530 Appliance (thin...7.2HIGH

Privilege Escalation Vulnerability in XCC Allows Command Injection via File Uploads

CVE-2024-8279
LenovoHx5530 Appliance (thin...7.2HIGH

Possible Command Injection Vulnerability in XCC IPMI

CVE-2024-8278
LenovoHx5530 Appliance (thin...7.2HIGH

IPMI Credentials at Risk Due to Length of AccountUsername

CVE-2024-8059
LenovoHx5530 Appliance (thin...4.3MEDIUM

ThinkPad L390 Yoga Vulnerability Could Lead to Privilege Escalation

CVE-2024-7756
Lenovo10w (type 82st, 82su) ...6.8MEDIUM

Potential Buffer Overflow Vulnerability Affects Lenovo Servers

CVE-2024-4550
LenovoP360 Workstation (thin...6.7MEDIUM

Possible Buffer Overflow Vulnerability in Lenovo Notebooks

CVE-2024-3100
Lenovo100w Gen 3 Laptop (len...6.7MEDIUM

August 16

Unauthenticated Denial-of-Service Vulnerability in Lenovo Printers

CVE-2024-5209
Lenovo6.5MEDIUM

Unauthenticated Denial-of-Service Vulnerability Affects Lenovo Printers

CVE-2024-4782
Lenovo6.5MEDIUM

Unauthenticated Denial-of-Service Vulnerability Affects Lenovo Printers

CVE-2024-5210
Lenovo6.5MEDIUM

Unauthenticated Denial-of-Service Vulnerability Affects Lenovo Printers

CVE-2024-6004
Lenovo6.5MEDIUM

Unauthenticated Denial-of-Service Vulnerability Affects Lenovo Printers

CVE-2024-4781
Lenovo6.5MEDIUM

Lenovo Display Control Center and Accessories Vulnerability Could Lead to Privilege Escalation

CVE-2024-2175
Lenovo7.8HIGH

Local Privilege Escalation Vulnerability in Lenovo Display Control Center and Accessories and Display Manager

CVE-2024-4763
Lenovo7.8HIGH

July 31

Lenovo PC Manager Vulnerability Could Lead to System Reboot

CVE-2017-3772
LenovoPc Manager5.5MEDIUM

Lenovo PC Manager Privilege Escalation Vulnerability

CVE-2019-6197
LenovoPc Manager7.8HIGH

Lenovo PC Manager Vulnerability Allows Local Attacker to Escalate Privileges

CVE-2019-6198
LenovoPc Manager7.8HIGH

Lenovo Driver Manager Path Hijacking Vulnerability Could Lead to Code Execution

CVE-2023-1577
LenovoDriver Manager7.8HIGH

July 26

Specially crafted app can keep Lenovo Tab K10 device on

CVE-2024-4786
LenovoTab K102.8LOW

Privilege Escalation Vulnerability in IPMI Could Allow Arbitrary Code Execution

CVE-2024-38509
LenovoXclarity Controller7.2HIGH

Privilege Escalation Vulnerability in XCC Could Allow Command Injection via IPMI Commands

CVE-2024-38512
LenovoXclarity Controller7.2HIGH

Privilege Escalation Vulnerability in SSH Captive Command Shell Interface

CVE-2024-38510
LenovoXclarity Controller7.2HIGH

Privilege Escalation Vulnerability Discovered in XCC Web Interface or SSH Captive Command Shell Interface

CVE-2024-38508
LenovoXclarity Controller7.2HIGH

Privilege Escalation Vulnerability in XCC Upload Processing

CVE-2024-38511
LenovoXclarity Controller7.2HIGH

June 13

Privilege Escalation Vulnerability in Lenovo Service Bridge Could Allow OS Command Execution

CVE-2024-4696
LenovoService Bridge7.5HIGH

May 16

{"Unauthenticated Restart Vulnerability in Lenovo Printers"}

CVE-2024-3286
LenovoPrinters7.5HIGH

April 15

Buffer Overflow Vulnerability in Lenovo System Recovery Bootloader (2012-2014)

CVE-2024-23594
LenovoWindows 7 And 8 Pc Pre...6.4MEDIUM

Privilege Escalation Vulnerability in Lenovo Bootloader Could Allow Attackers to Modify Boot Manager and Escalate Privileges

CVE-2024-23593
LenovoWindows 7 And 8 Pc Pre...6.7MEDIUM

Command Injection Vulnerability in FPC Allows Elevated Privileges

CVE-2024-2659
LenovoSmm, Smm2, Fpc7.2HIGH

Authentication Bypass Vulnerability in IPMI Could Lead to Limited System Information Exposure

CVE-2023-4857
LenovoSmm, Smm2, Fpc7.5HIGH

Format String Vulnerability Affects API Endpoint

CVE-2023-4856
LenovoSmm, Smm2, Fpc8.8HIGH

Unauthorized Command Execution Vulnerability in IPMI

CVE-2023-4855
LenovoSmm, Smm2, Fpc7.2HIGH

April 5

Unauthenticated Reboot Vulnerability Affects Lenovo Printers

CVE-2024-27910
Lenovo

Potential BIOS Update Tool Vulnerability Could Allow Local User Execution of Arbitrary Code

CVE-2023-25493
LenovoBiOS6.7MEDIUM

Lenovo Printers Vulnerable to Denial of Service Attacks

CVE-2024-27912
LenovoPrinters7.5HIGH

Unauthenticated Password Dump Vulnerability Affects Lenovo Printers

CVE-2024-27911
LenovoPrinters7.5HIGH

Lenovo Printers Vulnerable to Denial of Service Attack

CVE-2024-27909
LenovoPrinters4.9MEDIUM

Lenovo Devices Vulnerable to Authentication Bypass Attacks

CVE-2024-23592
Lenovo6.3MEDIUM

Possible Memory Leak Vulnerability Affects Lenovo Notebooks

CVE-2023-5912
LenovoNotebook BiOS6.7MEDIUM

Potential Vulnerability in BIOS of Desktop Products Could Allow Local Attack with Elevated Privileges

CVE-2023-25494
LenovoDesktop BiOS, Smart Ed...6.7MEDIUM

Buffer Overflow Vulnerability in Lenovo Printers Could Lead to Denial of Service

CVE-2024-27908
Lenovo4.9MEDIUM

Unauthenticated API Endpoint Vulnerability in Lenovo XClarity Administrator

CVE-2023-4605
LenovoXclarity Administrator6.5MEDIUM

February 16

Servers Vulnerable to Attack via Manufacturing Mode

CVE-2024-23591
LenovoThinkSystem SR670 V22LOW

January 19

CVE-2023-6450
LenovoLenovo App Store Appli...5.5MEDIUM

CVE-2023-6044
LenovoVantage6.8MEDIUM

CVE-2023-6043
LenovoVantage7.8HIGH

CVE-2023-5081
LenovoTablet3.3LOW

CVE-2023-5080
LenovoTablet7.8HIGH

January 3

CVE-2023-6338
LenovoUniversal Device Clien...7.8HIGH

CVE-2023-6540
LenovoLenovo Browser Mobile6.5MEDIUM

November 8

CVE-2023-43575
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-45075
LenovoBiOS6.7MEDIUM

CVE-2023-43580
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-43574
LenovoDesktop BiOS4.4MEDIUM

CVE-2023-43579
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-43572
LenovoDesktop BiOS4.4MEDIUM

CVE-2023-45076
LenovoBiOS6.7MEDIUM

CVE-2023-45079
LenovoBiOS6.7MEDIUM

CVE-2023-43573
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-43576
LenovoDesktop BIOS6.7MEDIUM

CVE-2023-45077
LenovoBiOS6.7MEDIUM

CVE-2023-43577
LenovoDesktop BIOS6.7MEDIUM

CVE-2023-43578
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-43571
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-43581
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-45078
LenovoBiOS6.7MEDIUM

CVE-2023-5078
LenovoThinkpad BiOS6.7MEDIUM

CVE-2023-4632
LenovoLenovo System Update7.8HIGH

CVE-2023-4706
Lenovo1Lenovo Preload Directory7.8HIGH

CVE-2023-43568
LenovoDesktop BiOS4.4MEDIUM

CVE-2023-43570
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-43569
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-43567
LenovoDesktop BiOS6.7MEDIUM

CVE-2023-4891
LenovoLenovo View Driver5.5MEDIUM

CVE-2023-5075
LenovoIdeapad Duet 3-10igl56.7MEDIUM

CVE-2023-5079
LenovoLecloud Application7.5HIGH

October 30

CVE-2022-4575
LenovoThinkpad BiOS6.7MEDIUM

CVE-2022-48189
LenovoThinkpad BiOS6.7MEDIUM

CVE-2022-4574
LenovoThinkpad BiOS6.7MEDIUM

CVE-2022-4573
LenovoThinkpad X1 Fold Gen 16.7MEDIUM

October 27

CVE-2022-3702
LenovoVantage Hardwarescan P...6.1MEDIUM

CVE-2022-3701
LenovoVantage Systemupdate P...7.8HIGH

CVE-2022-3700
LenovoVantage Systemupdate P...6.1MEDIUM

CVE-2022-3611
LenovoApp Store7.6HIGH