High severity7.8NVD Advisory· Published Feb 12, 2025· Updated Apr 15, 2026

CVE-2024-12673

Description

An improper privilege vulnerability was reported in a BIOS customization feature of Lenovo Vantage on SMB notebook devices which could allow a local attacker to elevate privileges on the system.

This vulnerability only affects Vantage installed on these devices:

Lenovo V Series (Gen 5)
ThinkBook 14 (Gen 6, 7)
ThinkBook 16 (Gen 6, 7)
ThinkPad E Series (Gen 1)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.lenovo.com/us/en/product_security/LEN-183176nvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000