VYPR

Lenovo installation packages

by Lenovo

CVEs (2)

  • CVE-2019-6196Jun 9, 2020
    risk 0.00cvss epss 0.00

    A symbolic link vulnerability in some Lenovo installation packages, prior to version 1.2.9.3, could allow privileged file operations during file extraction and installation.

  • CVE-2019-6173Jun 9, 2020
    risk 0.00cvss epss 0.00

    A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges.