Vulnerabilities in Lenovo
369 resultsCVE-2023-25493MEDIUMA potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products EPSS 0.2%CVE-2025-6232HIGHAn improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute coEPSS 0.2%CVE-2025-6231HIGHAn improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute coEPSS 0.2%CVE-2023-4030HIGHA vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover toEPSS 0.2%CVE-2022-4575MEDIUM
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attackerEPSS 0.2%CVE-2023-5912MEDIUM
A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may allow a local attacker with elevated privilEPSS 0.2%CVE-2023-25494MEDIUM
A potential vulnerability were reported in the BIOS of some Desktop, Smart Edge, and ThinkStation products that could allow a local attackeEPSS 0.2%CVE-2025-9319HIGHA potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary code execution under certain conditions.EPSS 0.2%CVE-2025-2502HIGHAn improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.EPSS 0.2%CVE-2022-3743MEDIUMA potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevatEPSS 0.2%CVE-2022-3745MEDIUMA potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevatEPSS 0.2%CVE-2024-4130HIGHA DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2024-4089HIGHA DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2024-4131HIGHA DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2024-4132HIGHA DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2026-7516MEDIUMA vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allowEPSS 0.2%CVE-2023-6043HIGHA privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and executeEPSS 0.2%CVE-2024-3100MEDIUMA potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privEPSS 0.2%CVE-2025-0886HIGHAn incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escEPSS 0.2%CVE-2024-12673HIGHAn improper privilege vulnerability was reported in a BIOS customization feature of Lenovo Vantage on SMB notebook devices which could allowEPSS 0.2%