Vulnerabilities > Lenovo > Hardware Scan Plugin

DATE CVE VULNERABILITY TITLE RISK
2023-10-27 CVE-2022-3700 Unspecified vulnerability in Lenovo products
A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files.
local
high complexity
lenovo
6.3
2023-10-27 CVE-2022-3701 Improper Privilege Management vulnerability in Lenovo products
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and earlier that could allow a local attacker to execute arbitrary code with elevated privileges.
local
low complexity
lenovo CWE-269
7.8
2023-10-27 CVE-2022-3702 Unspecified vulnerability in Lenovo products
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3.0.5 and earlier that could allow a local attacker to delete contents of an arbitrary directory under certain conditions.
local
low complexity
lenovo
7.1