First published: Tue Oct 24 2023(Updated: )
A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and Lenovo Diagnostics versions prior to 4.45 that could allow a local user with administrative access to trigger a system crash.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo Diagnostics | <4.45.0 | |
Lenovo Hardwarescan Plugin | <1.3.1.2 |
Update to Lenovo Diagnostics Application v4.45 or later. Update the Lenovo HardwareScan Plugin to version 1.3.1.2 or later.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-3698 is a denial of service vulnerability in the Lenovo HardwareScanPlugin and Lenovo Diagnostics software that could allow a local user with administrative access to trigger a system crash.
The severity of CVE-2022-3698 is medium (4.4).
To fix CVE-2022-3698, update Lenovo HardwareScanPlugin to version 1.3.1.2 or higher and Lenovo Diagnostics to version 4.45 or higher.
You can find more information about CVE-2022-3698 on the Lenovo Product Security website.