Vulnerabilities > CVE-2023-6044 - Unspecified vulnerability in Lenovo Vantage

CVSS 6.8 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

lenovo

NVD

Published: 2024-01-19

Updated: 2024-11-21

Summary

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Service and execute arbitrary code with elevated privileges.

Vulnerable Configurations

Part	Description	Count
Application	Lenovo Lenovo Vantage *	1

References

https://support.lenovo.com/us/en/product_security/LEN-144736
https://support.lenovo.com/us/en/product_security/LEN-144736