CVE-2022-0353
First published: Tue Oct 24 2023(Updated: )
A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and Lenovo Diagnostics versions prior to 4.45 that could allow a local user with administrative access to trigger a system crash.
Credit: psirt@lenovo.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lenovo Diagnostics | <4.45.0 | |
| Lenovo Hardwarescan Addin | <2.4.1.1 | |
| Lenovo Hardwarescan Plugin | <1.3.1.2 |
Remedy
Update to Lenovo Diagnostics Application v4.45 or later. Update the Lenovo HardwareScan Plugin to version 1.3.1.2 or later.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-0353.
What is the severity rating of CVE-2022-0353?
The severity rating of CVE-2022-0353 is medium (4.4).
Which Lenovo products are affected by CVE-2022-0353?
Lenovo Diagnostics versions prior to 4.45, Lenovo Hardwarescan Addin versions prior to 2.4.1.1, and Lenovo Hardwarescan Plugin versions prior to 1.3.1.2 are affected by CVE-2022-0353.
How can a local user trigger a system crash with CVE-2022-0353?
A local user with administrative access can trigger a system crash by exploiting CVE-2022-0353.
Where can I find more information about CVE-2022-0353?
You can find more information about CVE-2022-0353 on the Lenovo Product Security website.
- collector/nvd-api
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- vendor/lenovo
- canonical/lenovo diagnostics
- canonical/lenovo hardwarescan addin
- canonical/lenovo hardwarescan plugin