Baiying
by Lenovo
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-33579 | Hig | 0.51 | 7.8 | 0.00 | Oct 11, 2024 | A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges. | ||
| CVE-2022-48186 | Med | 0.40 | 6.2 | 0.00 | May 1, 2023 | A certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure. | ||
| CVE-2026-1717 | 0.00 | — | 0.00 | Mar 11, 2026 | An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges. | |||
| CVE-2026-1716 | 0.00 | — | 0.00 | Mar 11, 2026 | An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges. | |||
| CVE-2026-1715 | 0.00 | — | 0.00 | Mar 11, 2026 | An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges. |
- risk 0.51cvss 7.8epss 0.00
A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges.
- risk 0.40cvss 6.2epss 0.00
A certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure.
- CVE-2026-1717Mar 11, 2026risk 0.00cvss —epss 0.00
An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges.
- CVE-2026-1716Mar 11, 2026risk 0.00cvss —epss 0.00
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges.
- CVE-2026-1715Mar 11, 2026risk 0.00cvss —epss 0.00
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges.