Arbitrary Code Execution Risk in Lenovo Wallpaper Client
CVE-2025-9319

7.5HIGH

Key Information:

Vendor: Lenovo
Status: Wallpaper Client
Vendor: CVE Published:; 11 September 2025

What is CVE-2025-9319?

A vulnerability has been identified in the Lenovo Wallpaper Client that permits the execution of arbitrary code. This could occur under specific conditions, potentially compromising system integrity and enabling malicious actors to manipulate system functions. It is critical for users to apply recommended security measures to mitigate risks associated with this flaw.

Affected Version(s)

Wallpaper Client 0 <= 3.0.70.3301

References

https://iknow.lenovo.com.cn/detail/431733

CVSS V4

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2025
Vulnerability Reserved
Aug 21, 2025

Credit

Lenovo thanks Wan Jie from Huazhong University of Science and Technology for reporting this issue.