Vulnerabilities > CVE-2022-3700 - Unspecified vulnerability in Lenovo products

CVSS 6.3 - MEDIUM

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

local

high complexity

lenovo

NVD

Published: 2023-10-27

Updated: 2024-11-21

Summary

A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files.

Vulnerable Configurations

Part	Description	Count
Application	Lenovo Lenovo System Update Plugin * Lenovo Hardware Scan Plugin * Lenovo Hardware Scan Addin *	3

References

https://support.lenovo.com/us/en/product_security/LEN-94532
https://support.lenovo.com/us/en/product_security/LEN-94532