First published: Tue Apr 14 2020(Updated: )
A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo System Interface Foundation | <1.2.184.31 |
Update LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation to version 1.2.184.31. To update Vantage and its Lenovo System Interface Foundation component, follow these steps: 1) Update Lenovo Vantage to version 10.2003.10.0 from the Microsoft Store. 2) Re-launch Lenovo Vantage to complete the update.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Lenovo System Interface Foundation vulnerability is CVE-2020-8324.
The severity of CVE-2020-8324 is medium with a severity value of 5.5.
The affected software for CVE-2020-8324 is Lenovo System Interface Foundation prior to version 1.2.184.31.
CVE-2020-8324 allows unsigned DLL files to be executed.
To fix the CVE-2020-8324 vulnerability, update Lenovo System Interface Foundation to version 1.2.184.31 or later.