VYPR

Universal Device Client

by Lenovo

CVEs (3)

  • CVE-2025-6026LowOct 15, 2025
    risk 0.20cvss 3.1epss 0.00

    An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data.

  • CVE-2023-6338Jan 3, 2024
    risk 0.00cvss epss 0.00

    Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.

  • CVE-2023-3078Aug 17, 2023
    risk 0.00cvss epss 0.00

    An uncontrolled search path vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.