CVE-2022-3699

Summary

A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45

that could allow a local user to execute code with elevated privileges.

Affected Software

VendorProductVersion RangeStatus
LenovoHardwareScanPlugin< 1.3.1.2affected
LenovoDiagnostics< 4.45affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References