High severity7.3NVD Advisory· Published Apr 22, 2022· Updated Jun 2, 2026
CVE-2022-0354
CVE-2022-0354
Description
A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.
Affected products
3cpe:2.3:a:lenovo:system_update:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:lenovo:system_update:*:*:*:*:*:*:*:*range: <2022-02-25
- (no CPE)range: <2022-02-25
- (no CPE)range: various
Patches
Vulnerability mechanics
References
2- www.infosec.tirol/cve-2022-0354/nvdExploitThird Party Advisory
- support.lenovo.com/us/en/product_security/LEN-76673nvdVendor Advisory
News mentions
0No linked articles in our index yet.