CVE-2026-2368

Summary

An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
LenovoFileZ0 < 10.12.3.0affected
LenovoFileZ0 < 11.1.0.35affected

Weaknesses

  • CWE-295: CWE-295: Improper Certificate Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References