Lenovo Vantage Improper Privilege Vulnerability in BIOS Customization Feature on SMB Notebooks

Vulnerability

A vulnerability allowing privilege escalation has been identified in the BIOS customization feature of Lenovo Vantage. This issue affects SMB notebook devices, specifically the Lenovo V Series (Gen 5), ThinkBook 14 (Gen 6, 7), ThinkBook 16 (Gen 6, 7), and ThinkPad E Series (Gen 1). The vulnerability arises from improper privilege management, which could enable a local attacker to gain elevated rights on the system.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a local attacker to gain elevated rights on the affected system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 2.5
exploitability: 3.3
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.