Primary

Context

Lenovo Vantage and Baiying Input Validation Vulnerability in Productivity Add-in Allowing Privileged Process Termination

Vulnerability

An input validation vulnerability exists in the LenovoProductivitySystemAddin component of Lenovo Vantage and Lenovo Baiying. This vulnerability could enable a local authenticated user to terminate arbitrary processes with elevated privileges. The issue arises from inadequate input validation, allowing for unauthorized process termination.

Impact

Exploitation of this vulnerability could lead to unauthorized termination of processes, potentially disrupting services or applications that rely on those processes.

Remediation

Users should update the Lenovo Vantage LenovoProductivitySystemAddin to version 1.0.0.138 or later. This add-in is automatically updated by Lenovo Vantage.

Added: Mar 11, 2026, 9:31 PM

Updated: Mar 11, 2026, 9:31 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

3.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

3.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Lenovo Vantage and Baiying Input Validation Vulnerability in Productivity Add-in Allowing Privileged Process Termination

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating