CVE-2022-3700

Name of the Vulnerable Software and Affected Versions Lenovo Vantage SystemUpdate Plugin versions 2.0.0.212 and earlier

Description A Time of Check Time of Use (TOCTOU) issue was reported that could allow a local attacker to delete arbitrary files. This issue could potentially be exploited by a local attacker.

Recommendations For versions 2.0.0.212 and earlier, update to a version later than 2.0.0.212 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.