Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-8317

Summary
Assigner-lenovo
Assigner Org ID-da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At-24 Jul, 2020 | 16:10
Updated At-17 Sep, 2024 | 00:10
Rejected At-
Credits

A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:lenovo
Assigner Org ID:da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At:24 Jul, 2020 | 16:10
Updated At:17 Sep, 2024 | 00:10
Rejected At:
▼CVE Numbering Authority (CNA)

A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.

Affected Products
Vendor
Lenovo Group LimitedLenovo
Product
Drivers Management
Versions
Affected
  • From unspecified before 2.7.1128.1046 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-426CWE-426 Untrusted Search Path
Type: CWE
CWE ID: CWE-426
Description: CWE-426 Untrusted Search Path
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer).

Configurations
Workarounds
Exploits
Credits
Lenovo thanks Can Huang and Xinhui Han at Wangxuan Institute of Computer Technology, Peking University for reporting this issue.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://iknow.lenovo.com.cn/detail/dc_190088.html
x_refsource_MISC
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_190088.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://iknow.lenovo.com.cn/detail/dc_190088.html
x_refsource_MISC
x_transferred
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_190088.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@lenovo.com
Published At:24 Jul, 2020 | 16:15
Updated At:29 Jul, 2020 | 16:10

A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Secondary3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary2.06.9MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.9
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Lenovo Group Limited
lenovo
>>drivers_management>>Versions before 2.7.1128.1046(exclusive)
cpe:2.3:a:lenovo:drivers_management:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-426Primarynvd@nist.gov
CWE-426Secondarypsirt@lenovo.com
CWE ID: CWE-426
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-426
Type: Secondary
Source: psirt@lenovo.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://iknow.lenovo.com.cn/detail/dc_190088.htmlpsirt@lenovo.com
Vendor Advisory
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_190088.html
Source: psirt@lenovo.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

194Records found
CVE-2019-6165
Matching Score-10
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-10
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.07% / 20.79%
||
7 Day CHG~0.00%
Published-19 Aug, 2019 | 14:56
Updated-16 Sep, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability was reported in PaperDisplay Hotkey Service version 1.2.0.8 that could allow privilege escalation. Lenovo has ended support for PaperDisplay Hotkey software as the Night light feature introduced in Windows 10 Build 1703 provides similar features.

Action-Not Available
Vendor-Lenovo Group Limited
Product-yoga_700-14iskyoga_700-11isk_firmwareyoga_700-11iskyoga_700-14isk_firmwarePaperDisplay Hotkey Service
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-6173
Matching Score-10
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-10
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.09%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 19:50
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-installation_packageInstallation Packages
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-6189
Matching Score-10
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-10
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.91%
||
7 Day CHG~0.00%
Published-20 Nov, 2019 | 01:31
Updated-16 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_interface_foundationLenovo System Interface Foundation
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-6196
Matching Score-10
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-10
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.69%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 19:50
Updated-17 Sep, 2024 | 00:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A symbolic link vulnerability in some Lenovo installation packages, prior to version 1.2.9.3, could allow privileged file operations during file extraction and installation.

Action-Not Available
Vendor-Lenovo Group Limited
Product-installation_packageInstallation Packages
CWE ID-CWE-426
Untrusted Search Path
CVE-2017-3775
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.04% / 12.50%
||
7 Day CHG~0.00%
Published-04 May, 2018 | 16:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-flex_system_x880system_x3650_m5system_x3950_x6nextscale_nx360_m5_biosflex_system_x240_m5_biossystem_x3550_m5flex_system_x280_x6flex_system_x480_x6_biossystem_x3950_x6_biosnextscale_nx360_m5flex_system_x880_biossystem_x3500_m5flex_system_x280_x6_biosflex_system_x240_m5system_x3850_x6flex_system_x480_x6system_x3850_x6_biossystem_x3250_m6system_x3250_m6_biossystem_x3500_m5_biossystem_x3550_m5_biossystem_x3650_m5_biosSome Lenovo Flex System and Lenovo System x products
CWE ID-CWE-287
Improper Authentication
CVE-2019-0164
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.66%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) Turbo Boost Max Technology 3.0 driver version 1.0.0.1035 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aLenovo Group LimitedIntel Corporation
Product-thinkstation_p910_firmwarethinkstation_p710_firmwarethinkstation_p510thinkstation_p710thinkstation_p910thinkstation_p410_firmwarethinkstation_p410thinkstation_p510_firmwareturbo_boost_max_technology_3.0Intel(R) Turbo Boost Max Technology 3.0
CWE ID-CWE-264
Not Available
CVE-2018-9070
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 14.26%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 16:00
Updated-16 Sep, 2024 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo.

Action-Not Available
Vendor-Lenovo Group Limited
Product-smart_assistantLenovo Smart Assistant
CVE-2025-8485
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7||HIGH
EPSS-0.01% / 2.34%
||
7 Day CHG~0.00%
Published-12 Nov, 2025 | 19:18
Updated-02 Feb, 2026 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation of an application.

Action-Not Available
Vendor-Lenovo Group Limited
Product-app_storeApp Store
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-3633
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.02% / 4.88%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 16:25
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.

Action-Not Available
Vendor-Lenovo Group Limited
Product-drivers_managementDriver Management
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-3519
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.03% / 9.68%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 22:05
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes.

Action-Not Available
Vendor-Microsoft CorporationLenovo Group Limited
Product-v530-15arr_firmwarethinkcentre_m70q_firmwarethinkstation_p520_firmwarethinkcentre_m80sthinkcentre_m75s_gen_2_firmwarethinkcentre_qt_m415_firmwarethinkcentre_e75_t\/sthinkcentre_m80q_firmwarethinkcentre_m720ethinkcentre_m90s_firmwarethinkcentre_m630e_firmwarethinkcentre_m70s_firmwareideacentre_510s-07icbthinkcentre_e75_t\/s_firmwarethinkcentre_m90q_tiny_firmwarewindows_10ideacentre_g5-14imb05_firmwarev50t-13imb_g2_firmwarethinkcentre_m70qthinkstation_p520v520thinkcentre_m630eideacentre_510a-15arrthinkcentre_m710ethinkcentre_m710t_firmwarev50t-13imbv530-15arrideacentre_c5-14mb05thinkcentre_m75n_firmwarethinkcentre_m720e_firmwarethinkcentre_m80qv330_firmwareideacentre_5-14iob6v50a-24imb_firmwarethinkcentre_m70c_firmwareideacentre_510s-07ick_firmwarev530s-07icb_firmwarev50t-13imb_g2thinkcentre_m810zthinkcentre_m90tthinkcentre_m75nthinkstation_p340ideacentre_310s-08igm_firmwarethinkcentre_m810z_firmwareideacentre_c5-14mb05_firmwareideacentre_5-14iob6_firmwareideacentre_510a-15arr_firmwarethinkcentre_m710tthinkcentre_m60e_tinythinkcentre_m70a_firmwarev530-15icrv530s-07icbthinkcentre_m70cthinkcentre_m710e_firmwarev50a-22imbthinkcentre_qt_m410thinkcentre_qt_b415_firmwarev50a-24imbthinkcentre_m90sv520s_firmwarethinkcentre_m60e_tiny_firmwareideacentre_310s-08igmideacentre_510s-07icb_firmwarethinkcentre_m90av50s-07imbideacentre_creator_5-14iob6thinkcentre_m75s_gen_2thinkstation_p340_firmwarethinkcentre_m70a_gen_2v50a-22imb_firmwarethinkstation_p920thinkcentre_m70sideacentre_5-14imb05thinkcentre_m70tthinkcentre_m80tv50s-07imb_firmwarev30a-22imlthinkstation_p340_tiny_firmwarethinkcentre_m90a_firmwarev520_firmwarethinkstation_p520c_firmwarethinkcentre_m70av30a-22iml_firmwarethinkcentre_m820z_firmwarethinkcentre_qt_m415thinkcentre_qt_m410_firmwarev530s-07icr_firmwareideacentre_510s-07ickthinkcentre_m90a_tinythinkcentre_m75t_gen_2_firmwarethinkstation_p720thinkcentre_m710s_firmwarev530s-07icrv55t-15apiideacentre_5-14imb05_firmwarev330v50t-13imb_firmwarethinkcentre_m820zideacentre_3-07imb05_firmwarethinkcentre_m710sthinkstation_p920_firmwareideacentre_gaming_5-14iob6_firmwarethinkcentre_m80t_firmwareideacentre_gaming_5-14iob6v520sthinkcentre_qt_b415thinkcentre_m70t_firmwareideacentre_g5-14imb05thinkcentre_m70a_gen_2_firmwarev530-15icr_firmwarethinkstation_p720_firmwarethinkcentre_m80s_firmwareideacentre_3-07imb05v55t-15api_firmwarethinkcentre_m75t_gen_2ideacentre_creator_5-14iob6_firmwarethinkstation_p340_tinythinkstation_p520cthinkcentre_m90t_firmwareDesktop BIOS
CWE ID-CWE-287
Improper Authentication
CVE-2015-8109
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.04% / 12.77%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 06:12
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires knowledge of the time that this account was created, aka a "temporary administrator account vulnerability."

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-lenovo_system_updaten/a
CVE-2015-7335
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.04% / 11.28%
||
7 Day CHG~0.00%
Published-27 Mar, 2020 | 14:05
Updated-06 Aug, 2024 | 07:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A race condition was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow a user to execute arbitrary code with elevated privileges.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-system_updaten/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2009-0655
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 21.53%
||
7 Day CHG~0.00%
Published-20 Feb, 2009 | 19:00
Updated-07 Aug, 2024 | 04:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presenting a "plain image" of the authorized user.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-verifacen/a
CWE ID-CWE-287
Improper Authentication
CVE-2017-3749
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 2.40%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.

Action-Not Available
Vendor-Google LLCLenovo Group Limited
Product-vibe_a3600-dvibe_a3000vibe_a3500vibe_a2560vibe_a6600vibe_a1600vibe_a2860vibe_k30-w-cuandroidvibe_a6020i37vibe_a2800vibe_a3600uvibe_a6800vibe_a3800-dvibe_a3900vibe_a2880vibe_a6000vibe_k30-evibe_k32c30vibe_k80mvibe_a6000-iLenovo Vibe and Lenovo China-only Moto Mobile Phones
CVE-2017-3750
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 2.40%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.

Action-Not Available
Vendor-Google LLCLenovo Group Limited
Product-vibe_a3600-dvibe_a3000vibe_a3500vibe_a2560vibe_a6600vibe_a1600vibe_a2860vibe_k30-w-cuandroidvibe_a6020i37vibe_a2800vibe_a3600uvibe_a6800vibe_a3800-dvibe_a3900vibe_a2880vibe_a6000vibe_k30-evibe_k32c30vibe_k80mvibe_a6000-iLenovo Vibe and Lenovo China-only Moto Mobile Phones
CVE-2015-3214
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.9||MEDIUM
EPSS-1.59% / 81.33%
||
7 Day CHG~0.00%
Published-31 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.

Action-Not Available
Vendor-n/aLenovo Group LimitedLinux Kernel Organization, IncQEMURed Hat, Inc.Arista Networks, Inc.Debian GNU/Linux
Product-enterprise_linux_serverqemulinux_kernelenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_server_eusemc_px12-450r_ivxenterprise_linux_for_power_big_endian_eusemc_px12-400r_ivxenterprise_linux_compute_node_eusdebian_linuxenterprise_linux_for_power_big_endianvirtualizationopenstackenterprise_linux_server_ausenterprise_linux_for_scientific_computingenterprise_linux_server_tuseosenterprise_linux_workstationenterprise_linux_server_from_rhuin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2234
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.03% / 6.95%
||
7 Day CHG~0.00%
Published-12 May, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-system_updaten/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2023-4706
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.92%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 21:59
Updated-02 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability was reported in Lenovo preloaded devices deployed using Microsoft AutoPilot under a standard user account due to incorrect default privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-preload_directory1Lenovo Preload Directory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-1513
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.81% / 73.83%
||
7 Day CHG~0.00%
Published-23 Aug, 2022 | 17:25
Updated-03 Aug, 2024 | 00:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website.

Action-Not Available
Vendor-Lenovo Group Limited
Product-pcmanagerPCManager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-0354
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.05% / 16.03%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_updateSystem Update
CVE-2022-0192
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.07% / 20.79%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-02 Aug, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege escalation.

Action-Not Available
Vendor-Lenovo Group Limited
Product-pcmanagerPCManager
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-8318
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.12% / 31.45%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 21:05
Updated-16 Sep, 2024 | 22:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_interface_foundationLenovoSystemUpdatePlugin for Lenovo System Interface Foundation
CVE-2020-8327
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.10% / 28.63%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 21:05
Updated-17 Sep, 2024 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-vantageVantage
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-8332
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.03% / 9.82%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 21:25
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.

Action-Not Available
Vendor-IBM CorporationLenovo Group Limited
Product-system_x3530_m4_firmwarebladecenter_hs23e_firmwarebladecenter_hs23esystem_x3630_m4_firmwaresystem_x3630_m4flex_system_x220nextscale_nx360_m4_firmwaresystem_x3650_m4_firmwarenextscale_nx360_m4idataplex_dx360_m4_firmwaresystem_x3650_m4_hd_firmwarebladecenter_hs23system_x3300_m4system_x3650_m4_hdflex_system_x440_firmwaresystem_x3750_m4_firmwaresystem_x3550_m4system_x3650_m4_bd_firmwarecompute_node-x440_firmwareidataplex_dx360_m4flex_system_x220_firmwaresystem_x3650_m4_bdbladecenter_hs23_firmwaresystem_x3750_m4system_x3550_m4_firmwaresystem_x3500_m4_firmwaresystem_x3300_m4_firmwaresystem_x3500_m4system_x3530_m4idataplex_dx360_m4_water_cooledflex_system_x240_firmwareflex_system_x240system_x3650_m4compute_node-x440idataplex_dx360_m4_water_cooled_firmwareflex_system_x440System x
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-8342
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.03% / 9.67%
||
7 Day CHG~0.00%
Published-15 Sep, 2020 | 14:20
Updated-17 Sep, 2024 | 00:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_updateSystem Update
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-8326
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.13% / 32.41%
||
7 Day CHG~0.00%
Published-24 Jul, 2020 | 16:10
Updated-17 Sep, 2024 | 03:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-drivers_managementDrivers Management
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-8345
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.07% / 20.79%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 21:25
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.

Action-Not Available
Vendor-Lenovo Group Limited
Product-hardware_scanVantage HardwareScan Plugin
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-8319
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.12% / 31.45%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 21:05
Updated-16 Sep, 2024 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_interface_foundationLenovo System Interface Foundation
CVE-2019-19705
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.18%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 00:00
Updated-14 Apr, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-aio510-23ish_firmwareyangtian_mc_h110_pci_firmwareyangtian_mf\/wf_h110_pcithinkserver_ts250_firmwarethinkpad_t25yangtian_ytm6900e-00thinkcentre_m9500zaio_910-27ishthinkpad_yoga_11e_3rd_gensydney_e3_h110yangtian_mc_h110_firmwarethinkpad_p51s_firmwarethinkserver_ts450_firmwarethinkpad_l470_firmwarethinkcentre_m6600ideacentre_510s-08ishthinkpad_a475thinkpad_l480ideacentre_310-15iapthinkpad_l560yangtian_me\/we_h110thinkpad_t470sthinkpad_t460sthinkstation_p320thinkcentre_m900z_firmwarethinkpad_p50_firmwarethinkcentre_m818zthinkpad_t460pyangtian_mc_h110thinkcentre_e95zthinkcentre_m715qideacentre_310s-08iap_firmwareaio520-24iku_firmwareideacentre_620s-03ikl_firmwareaio520-22ikuthinkserver_ts150thinkstation_p320_tinyqt_a7400legion_y520t_z370_firmwarethinkpad_x1_carbonthinkpad_x1_carbon_firmwareideacentre_310-15asrthinkpad_13thinkpad_l570thinkpad_l390_yoga_firmwarethinkserver_ts250thinkpad_x260_firmwareideacentre_310-15iap_firmwareaio_y910-27ishaio520-24ikl_firmwarethinkcentre_m8600t\/sthinkpad_t580thinkpad_yoga_11e_3rd_gen_firmwarethinkpad_t25_firmwarethinkpad_s3_3rd_genthinkpad_l450thinkpad_x280thinkpad_l380thinkcentre_m710ethinkcentre_m910qthinkpad_p71thinkcentre_m715t\/sthinkserver_ts140thinkcentre_m900zthinkpad_p52syta8900f_firmwarethinkstation_p330_firmwarethinkpad_t480sideacentre_520s-23ikulenovo_v320-15iapideacentre_520s-23iku_firmwarethinkpad_t460aio310-20iapthinkcentre_m6600_firmwarethinkcentre_m910_t\/sthinkstation_p330_tinythinkcentre_m810zthinkcentre_e95z_firmwarelegion_y520t_z370thinkpad_t480_firmwarethinkcentre_m810z_firmwarethinkserver_ts150_firmwarethinkpad_x280_firmwareideacentre_310s-08iapthinkpad_t450sthinkcentre_x1_aio_firmwarethinkpad_l460legion_y720_tower_firmwarelenovo_v320-15iap_firmwarethinkstation_p330thinkcentre_m8300z_firmwarethinkpad_x270thinkpad_x250_firmwarethinkserver_ts550thinkcentre_e74zthinkcentre_m800aio520-22iklaio720-24ikb_firmwarethinkcentre_m6600t\/s_firmwareideacentre_620s-03iklthinkcentre_m910xthinkpad_l460_firmwareaio300-23isu_firmwarethinkcentre_m700q_firmwarethinkpad_l570_firmwarethinkpad_l580_firmwarev510z_\(yt_s5250\)_firmwarethinkcentre_m715q_firmwarethinkpad_x1_yogav410z\(yt_s4250\)thinkcentre_m710t\/s_firmwarethinkcentre_m710qthinkserver_ts450thinkpad_t480thinkcentre_m710q_firmwareaio520-24ikuthinkserver_ts240thinkpad_p71_firmwarethinkcentre_m8350zyangtian_afh110thinkcentre_m900thinkpad_t460_firmwarethinkpad_t560_firmwareaio_y910-27ish_firmwarethinkpad_t580_firmwarethinkpad_s3_3rd_gen_firmwareideacentre_510s-08iklthinkcentre_m8350z_firmwareideacentre_300s-11ish_firmwarev510z_\(yt_s5250\)aio520-24iklthinkserver_ts140_firmwarethinkpad_t470s_firmwarethinkcentre_m710t\/sthinkcentre_m700qthinkcentre_m700z_firmwarethinkcentre_m9550zthinkpad_p51_firmwareideacentre_610s-02ishaio520-22iku_firmwareideacentre_510s-08ikl_firmwarethinkpad_t560aio_910-27ish_firmwareaio300-23isuthinkpad_p50sthinkstation_p318_firmwarethinkcentre_m8300zaio510-23ishyangtian_me\/we_h110_firmwarethinkpad_x250thinkpad_t470ideacentre_510-15abrthinkcentre_m910zideacentre_700_firmwareideacentre_720-18asr_firmwarethinkstation_p310aio510-22ishlegion_y920_towerthinkcentre_m715t\/s_firmwarethinkcentre_m900_firmwareaio310-20iap_firmwarev410z\(yt_s4250\)_firmwarethinkcentre_m7300zthinkcentre_m800zaio520-22ikl_firmwareideacentre_610s-02ish_firmwareyangtian_ytm6900e-00_firmwareideacentre_510-15abr_firmwarethinkcentre_m710e_firmwareyangtian_afh110_firmwarethinkcentre_m910z_firmwarethinkstation_p320_firmwarethinkpad_13_firmwarethinkpad_yoga_11e_4th_genthinkpad_a275thinkpad_x1_tabletaio720-24ikbthinkpad_p70_firmwarethinkpad_s2_yoga_3rd_gen_firmwarethinkcentre_e74z_firmwarethinkpad_p51ideacentre_510s-08ish_firmwarethinkcentre_m6600t\/sthinkpad_t460s_firmwarethinkpad_t470pthinkpad_l580yangtian_afq150_firmwarethinkstation_p310_firmwarethinkcentre_m800_firmwarethinkpad_p50s_firmwarethinkpad_l450_firmwarethinkpad_x1_yoga_firmwaresydney_e3_h110_firmwarethinkstation_p318v310z\(yt_s3150\)_firmwareideacentre_310-15asr_firmwarethinkcentre_m910x_firmwarethinkcentre_m8600t\/s_firmwareyangtian_afq150legion_y720_towerthinkpad_t570_firmwarethinkpad_l560_firmwarethinkpad_t460p_firmwareyangtian_mf\/wf_h110_pci_firmwarethinkcentre_m700zthinkstation_p320_tiny_firmwarethinkpad_l380_firmwarethinkpad_x260ideacentre_720-18asrthinkcentre_m6600q_firmwareaio520-27iklthinkpad_x1_tablet_firmwareaio520-27ikl_firmwarethinkcentre_m700t\/sthinkpad_l480_firmwarethinkcentre_m7300z_firmwarethinkcentre_x1_aiothinkpad_l380_yogalegion_y720t_amdthinkpad_p50ideacentre_510-15ikl_firmwareyta8900fideacentre_300s-11ishthinkcentre_m818z_firmwarethinkpad_p52s_firmwarethinkpad_t570thinkpad_p51syangtian_tc\/wc_h110_pci_firmwareideacentre_700thinkpad_s2_yoga_4th_genthinkpad_t450s_firmwarethinkpad_t450_firmwarev310z\(yt_s3150\)thinkcentre_m800z_firmwarethinkcentre_m910_t\/s_firmwarethinkpad_t450thinkpad_t480s_firmwarethinkpad_s2_yoga_3rd_genideacentre_310a-15iap_firmwarethinkpad_t470p_firmwarethinkpad_yoga_11e_4th_gen_firmwarethinkpad_l13_yogathinkpad_a275_firmwareideacentre_510-15iklthinkpad_s2_yoga_4th_gen_firmwareaio510-22ish_firmwarethinkcentre_m6600qlegion_y920_tower_firmwarethinkpad_a475_firmwareyangtian_mc_h110_pcithinkpad_p70thinkserver_ts550_firmwarethinkpad_l470yangtian_tc\/wc_h110_pcithinkcentre_m9500z_firmwarethinkpad_l390_yogathinkpad_l13_yoga_firmwarethinkcentre_m9550z_firmwarethinkcentre_m700t\/s_firmwarethinkcentre_e74s_firmwareyangtian_s4150_firmwarethinkcentre_e74sthinkserver_ts240_firmwarethinkcentre_m910q_firmwarethinkpad_t470_firmwarelegion_y720t_amd_firmwarethinkstation_p330_tiny_firmwarethinkpad_l380_yoga_firmwareqt_a7400_firmwareideacentre_310a-15iapyangtian_s4150thinkpad_x270_firmwaren/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2019-6154
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 46.68%
||
7 Day CHG~0.00%
Published-10 Apr, 2019 | 17:04
Updated-17 Sep, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system.

Action-Not Available
Vendor-Lenovo Group Limited
Product-ideacentrethinkpadthinkcentrebootable_usbthinkstationLenovo Bootable Generator
CWE ID-CWE-426
Untrusted Search Path
CVE-2025-2501
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-8.5||HIGH
EPSS-0.02% / 3.88%
||
7 Day CHG~0.00%
Published-30 May, 2025 | 19:14
Updated-02 Feb, 2026 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-pcmanagerPC Manager
CWE ID-CWE-426
Untrusted Search Path
CVE-2020-8338
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.93%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 21:25
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.

Action-Not Available
Vendor-Lenovo Group Limited
Product-diagnosticsDiagnostics
CWE ID-CWE-426
Untrusted Search Path
CVE-2026-23512
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.01% / 1.49%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 20:31
Updated-03 Feb, 2026 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SumatraPDF has an Untrusted Search Path in sumatrapdf/src/AppTools.cpp

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is a Untrusted Search Path vulnerability when Advanced Options setting is trigger. The application executes notepad.exe without specifying an absolute path when using the Advanced Options setting. On Windows, this allows execution of a malicious notepad.exe placed in the application's installation directory, leading to arbitrary code execution.

Action-Not Available
Vendor-sumatrapdfreadersumatrapdfreaderMicrosoft Corporation
Product-sumatrapdfwindowssumatrapdf
CWE ID-CWE-426
Untrusted Search Path
CVE-2013-2773
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.61%
||
7 Day CHG~0.00%
Published-14 Jan, 2020 | 14:25
Updated-06 Aug, 2024 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution

Action-Not Available
Vendor-gonitron/a
Product-nitropdfn/a
CWE ID-CWE-426
Untrusted Search Path
CVE-2021-4435
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-7.7||HIGH
EPSS-0.05% / 15.70%
||
7 Day CHG~0.00%
Published-04 Feb, 2024 | 19:16
Updated-17 Jun, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Yarn: untrusted search path

An untrusted search path vulnerability was found in Yarn. When a victim runs certain Yarn commands in a directory with attacker-controlled content, malicious commands could be executed in unexpected ways.

Action-Not Available
Vendor-yarnpkgn/aFedora Project
Product-yarnyarnFedoraExtra Packages for Enterprise Linux
CWE ID-CWE-426
Untrusted Search Path
CVE-2013-3494
Matching Score-4
Assigner-Flexera Software LLC
ShareView Details
Matching Score-4
Assigner-Flexera Software LLC
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.37%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 15:14
Updated-06 Aug, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path restrictions when loading external libraries. which could let a malicious user execute arbitrary code.

Action-Not Available
Vendor-umplayer_projectUMPlayer
Product-umplayerUMPlayer
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-17664
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.40%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 19:42
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NSA Ghidra through 9.0.4 uses a potentially untrusted search path. When executing Ghidra from a given path, the Java process working directory is set to this path. Then, when launching the Python interpreter via the "Ghidra Codebrowser > Window > Python" option, Ghidra will try to execute the cmd.exe program from this working directory.

Action-Not Available
Vendor-nsan/a
Product-ghidran/a
CWE ID-CWE-426
Untrusted Search Path
CVE-2024-47422
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.49%
||
7 Day CHG~0.00%
Published-09 Oct, 2024 | 14:29
Updated-18 Oct, 2024 | 14:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Framemaker | Untrusted Search Path (CWE-426)

Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories, which the application could unknowingly execute. This could allow the attacker to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-framemakerwindowsAdobe Framemakerframemaker
CWE ID-CWE-426
Untrusted Search Path
CVE-2020-0570
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.33% / 55.40%
||
7 Day CHG-0.03%
Published-14 Sep, 2020 | 18:17
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.

Action-Not Available
Vendor-qtn/aRed Hat, Inc.
Product-qtenterprise_linuxQT Library
CWE ID-CWE-426
Untrusted Search Path
CVE-2020-6654
Matching Score-4
Assigner-Eaton
ShareView Details
Matching Score-4
Assigner-Eaton
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-30 Sep, 2020 | 20:36
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL Hijacking

A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.

Action-Not Available
Vendor-eatonEaton
Product-9000x_programming_and_configuration_software9000x Programming and Configuration Software
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-426
Untrusted Search Path
CVE-2024-38305
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.12% / 31.26%
||
7 Day CHG~0.00%
Published-21 Aug, 2024 | 01:54
Updated-25 Nov, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation vulnerability in the installer. A local low-privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executables on the operating system with elevated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_home_pcsSupportAssist for Home PCssupportassist_for_home_pcs
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-6826
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-0.43% / 62.11%
||
7 Day CHG~0.00%
Published-17 Sep, 2019 | 19:57
Updated-04 Aug, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.

Action-Not Available
Vendor-
Product-somachine_hvacSoMachine HVAC
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-6019
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.33% / 55.40%
||
7 Day CHG~0.00%
Published-26 Dec, 2019 | 15:16
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Action-Not Available
Vendor-ipaINFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA)
Product-stamp_workbenchSTAMP Workbench installer
CWE ID-CWE-426
Untrusted Search Path
CVE-2018-0598
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-13.88% / 94.14%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 00:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Action-Not Available
Vendor-Microsoft Corporation
Product-windowsSelf-extracting archive files created by IExpress bundled with Microsoft Windows
CWE ID-CWE-426
Untrusted Search Path
CVE-2024-36507
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.99%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 18:53
Updated-14 Nov, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.

Action-Not Available
Vendor-Fortinet, Inc.
Product-forticlientFortiClientWindowsforticlientwindows
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-4732
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-0.16% / 37.49%
||
7 Day CHG~0.00%
Published-03 Feb, 2020 | 16:45
Updated-16 Sep, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-windowswebsphere_application_serversdkJava
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-5429
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.8||HIGH
EPSS-0.30% / 53.22%
||
7 Day CHG-0.01%
Published-29 Apr, 2019 | 14:13
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.

Action-Not Available
Vendor-filezilla-projectFileZillaDebian GNU/LinuxFedora Project
Product-filezilla_clientdebian_linuxfedoraFileZilla
CWE ID-CWE-426
Untrusted Search Path
CVE-2024-11454
Matching Score-4
Assigner-Autodesk
ShareView Details
Matching Score-4
Assigner-Autodesk
CVSS Score-7.8||HIGH
EPSS-0.29% / 52.07%
||
7 Day CHG~0.00%
Published-09 Dec, 2024 | 17:48
Updated-26 Sep, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Search Path vulnerability in Autodesk Revit

A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized.

Action-Not Available
Vendor-Autodesk Inc.
Product-revitRevitrevit
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-19929
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.22% / 45.02%
||
7 Day CHG~0.00%
Published-23 Dec, 2019 | 01:40
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product.

Action-Not Available
Vendor-malwarebytesn/a
Product-adwcleanern/a
CWE ID-CWE-426
Untrusted Search Path
CVE-2020-5977
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.41%
||
7 Day CHG~0.00%
Published-23 Oct, 2020 | 17:35
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.

Action-Not Available
Vendor-NVIDIA Corporation
Product-geforce_experienceNVIDIA GeForce Experience Software
CWE ID-CWE-426
Untrusted Search Path
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found