First published: Wed May 18 2022(Updated: )
A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named pipe.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo System Interface Foundation | <1.1.20.3 |
Update the IMController component of Lenovo System Interface Foundation to version 1.1.20.3. Full mitigation guidance can be found in LEN-75210.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this race condition vulnerability is CVE-2021-3922.
CVE-2021-3922 has a severity level of high.
CVE-2021-3922 affects the IMController software component of Lenovo System Interface Foundation.
CVE-2021-3922 could allow a local attacker to connect and interact with the IMController child process' named pipe.
To mitigate the risk, it is recommended to update Lenovo System Interface Foundation to version 1.1.20.3 or later.