Description
A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.lenovo.com/us/en/product_security/LEN-30401
Scores
CVSS v3
7.3
EPSS
0.0037
EPSS Percentile
29.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
CWE-428
Status
published
Products (1)
lenovo/vantage
< 10.2003.10.0
Published
Apr 14, 2020
Tracked Since
Feb 18, 2026