Unsigned DLL Loading Vulnerability in Lenovo System Interface Foundation
CVE-2019-6189
7.8HIGH
Key Information:
- Vendor
Lenovo
- Vendor
- CVE Published:
- 19 November 2019
What is CVE-2019-6189?
A vulnerability exists in the Lenovo System Interface Foundation that allows an administrative user to load unsigned dynamic link libraries (DLLs). If successfully exploited, this flaw could pose significant risk to the integrity of the system, as it opens avenues for unauthorized execution of potentially harmful code. Users are encouraged to update to version 1.1.18.3 or later to mitigate this risk.
Affected Version(s)
Lenovo System Interface Foundation <= 1.1.18.3