Lenovo Vantage
13 CVEs affecting Lenovo Vantage. Latest disclosed: 2026-04-15. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-6232 | High | 7.8 | 2025-07-17 | An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated pe… |
CVE-2025-6231 | High | 7.8 | 2025-07-17 | An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated pe… |
CVE-2024-12673 | High | 7.8 | 2025-02-12 | An improper privilege vulnerability was reported in a BIOS customization feature of Lenovo Vantage on SMB notebook devices which could allow a local attacker t… |
CVE-2023-6043 | High | 7.8 | 2024-01-19 | A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code wit… |
CVE-2020-8327 | High | 7.3 | 2020-04-14 | A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to versio… |
CVE-2026-0827 | High | 7.1 | 2026-04-15 | During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, d… |
CVE-2026-1716 | High | 7.1 | 2026-03-11 | An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticate… |
CVE-2026-1715 | High | 7.1 | 2026-03-11 | An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticate… |
CVE-2023-6044 | Medium | 6.3 | 2024-01-19 | A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Servic… |
CVE-2026-1717 | Medium | 5.5 | 2026-03-11 | An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenti… |
CVE-2025-13154 | Medium | 5.5 | 2026-01-14 | An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform a… |
CVE-2025-6230 | Medium | 5.3 | 2025-07-17 | A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute limited SQLite c… |
CVE-2020-8316 | Medium | 4.4 | 2020-04-14 | A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the system with elevated p… |