Improper Privilege Vulnerability in Lenovo Vantage on SMB Notebooks
CVE-2024-12673
8.5HIGH
What is CVE-2024-12673?
An improper privilege vulnerability exists in the BIOS customization feature of Lenovo Vantage designed for SMB notebook devices, enabling a local attacker to enhance their privileges on the system. This issue compromises security on affected Lenovo devices, including specific models from the V Series, ThinkBook, and ThinkPad E Series, potentially allowing unauthorized users to execute sensitive actions that should be restricted.
Affected Version(s)
Vantage 0 < 10.2501.15.0