PT-2020-11194 · Lenovo · Lenovo Installation Packages

Published

2020-06-09

Updated

2020-06-22

CVE-2019-6173

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Lenovo installation packages versions prior to 1.2.9.3

Description A DLL search path issue could allow privilege escalation in some Lenovo installation packages during installation, provided an attacker already has administrative privileges.

Recommendations For versions prior to 1.2.9.3, update to version 1.2.9.3 or later to resolve the issue.

Fix

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426

Related Identifiers

CVE-2019-6173

Affected Products

Lenovo Installation Packages

PT-2020-11194 · Lenovo · Lenovo Installation Packages

CVE-2019-6173

Weakness Enumeration

Related Identifiers

Affected Products

References · 3