CVE-2023-4632

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Lenovo System Update (affected versions not specified)

Description An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges. The issue is related to the use of an untrusted search path, which can be exploited by an attacker to gain elevated privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Untrusted Search Path

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426CWE-427

Related Identifiers

BDU:2023-07537

CVE-2023-4632

Affected Products

Lenovo System Update

CVE-2023-4632

Weakness Enumeration

Related Identifiers

Affected Products

References · 8