Vulnerability CVE-2020-8338


Published: 2020-10-14   Modified: 2020-10-15

Description:
A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.

Type:

CWE-426

(Untrusted Search Path)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Lenovo -> Diagnostics 

 References:
https://support.lenovo.com/us/en/product_security/LEN-32702

Copyright 2024, cxsecurity.com

 

Back to Top