Description
A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.lenovo.com/us/en/product_security/LEN-30401
Scores
CVSS v3
7.3
EPSS
0.0010
EPSS Percentile
27.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-428
CWE-269
Status
published
Products (1)
lenovo/vantage
< 10.2003.10.0
Published
Apr 14, 2020
Tracked Since
Feb 18, 2026