First published: Tue Apr 14 2020(Updated: )
A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo Vantage | <10.2003.10.0 |
To update Vantage and its Lenovo System Interface Foundation component, follow these steps: 1) Update Lenovo Vantage to version 10.2003.10.0 from the Microsoft Store. 2) Re-launch Lenovo Vantage to complete the update.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this privilege escalation vulnerability is CVE-2020-8327.
The Lenovo Vantage software is affected by this vulnerability.
The severity of CVE-2020-8327 is high (CVSS severity value of 7.8).
An authenticated user can exploit this vulnerability to execute code with elevated privileges.
To fix CVE-2020-8327, update Lenovo Vantage to version 10.2003.10.0 or later.