CVE-2022-3699

A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45

that could allow a local user to execute code with elevated privileges.

Published: Oct 25, 2023
Updated: Oct 31, 2023
CVE: CVE-2022-3699
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
lenovo / diagnostics	-	4.45.0
lenovo / hardwarescan_addin	-	2.4.1.1
lenovo / hardwarescan_plugin	-	1.3.1.2

https://support.lenovo.com/us/en/product_security/LEN-102365
https://support.lenovo.com/us/en/product_security/LEN-94532

Vulnerability Database

290,020

CVE-2022-3699