CVE-2023-4632

Summary

An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges.

Affected Software

VendorProductVersion RangeStatus
LenovoLenovo System UpdateVersions prior to 5.08.02.25affected

Weaknesses

  • CWE-427: CWE-427 Uncontrolled Search Path Element

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References