Skip to main content

CVE-2022-0354

Severity High
Score 7.8/10

Summary

A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.

  • LOW
  • LOCAL
  • HIGH
  • UNCHANGED
  • NONE
  • LOW
  • HIGH
  • HIGH

References

Advisory Timeline

  • Published