TOCTOU Vulnerability in Lenovo Software Products
CVE-2024-10253
4.7MEDIUM
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in Lenovo's software products, including PC Manager, Lenovo Browser, and Lenovo App Store. This vulnerability could enable a local attacker to exploit the timing issue, potentially resulting in a system crash and disrupting normal operations. Users of these affected Lenovo products should be vigilant and consider applying relevant updates or patches to mitigate the risk.
References
CVSS V3.1
Score:
4.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published