PT-2022-23734 · Lenovo · Lenovo Hardwarescanplugin+1

Published

2022-11-09

Updated

2025-06-04

CVE-2022-3699

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Lenovo HardwareScanPlugin versions prior to 1.3.1.2 Lenovo Diagnostics versions prior to 4.45

Description A privilege escalation issue was reported that could allow a local user to execute code with elevated privileges. This issue affects the Lenovo HardwareScanPlugin and Lenovo Diagnostics, potentially allowing a local user to gain system-level access.

Recommendations For Lenovo HardwareScanPlugin versions prior to 1.3.1.2, update to version 1.3.1.2 or later to resolve the issue. For Lenovo Diagnostics versions prior to 4.45, update to version 4.45 or later to resolve the issue.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2022-3699

Affected Products

Lenovo Diagnostics

Lenovo Hardwarescanplugin

PT-2022-23734 · Lenovo · Lenovo Hardwarescanplugin+1

CVE-2022-3699

Weakness Enumeration

Related Identifiers

Affected Products

References · 15