Skip to main content

Legion Zone CVE-2026-9046

| EUVDEUVD-2026-44975 HIGH
Insecure Inherited Permissions (CWE-277)
2026-07-16 lenovo GHSA-6j6v-724c-h5fm
7.3
CVSS 4.0 · Vendor: lenovo
Share

Severity by source

Vendor (lenovo) PRIMARY
7.3 HIGH
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.0 HIGH

Local vector with an existing low-priv account (AV:L/PR:L); the required non-system-partition install maps AT:P to AC:H; planted code runs with full C/I/A impact.

3.1 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (lenovo).

CVSS VectorVendor: lenovo

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Patch available
Jul 16, 2026 - 18:18 EUVD
Analysis Generated
Jul 16, 2026 - 17:16 vuln.today
CVE Published
Jul 16, 2026 - 16:48 cve.org
HIGH 7.3

DescriptionCVE.org

A potential insecure permissions vulnerability was reported in Legion Zone and the Lenovo App Store Windows applications, distributed exclusively in the Chinese market, that when installed on a non‑system partition, could allow a local user to execute arbitrary code.

AnalysisAI

Local code execution in Lenovo Legion Zone and the Lenovo App Store (China-market Windows builds) allows an authenticated local user to run arbitrary code when either application is installed on a non-system partition. The flaw stems from insecure directory/file permissions (CWE-277) that a low-privileged user can abuse to plant or modify executable content later run with higher privilege. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local low-privileged account
Delivery
Locate app dir on non-system partition
Exploit
Write malicious binary/DLL to world-writable path
Execution
App/updater executes planted code
Impact
Arbitrary code execution with elevated privilege

Vulnerability AssessmentAI

Exploitation Exploitation requires that Legion Zone or the Lenovo App Store was installed on a NON-system partition (not the default system drive) - this is the concrete configuration prerequisite that creates the world-writable, insecurely-inherited directory permissions (CWE-277). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:L/AC:L/AT:P/PR:L/UI:N, VC:H/VI:H/VA:H) scores 7.3 (High) and paints a consistent picture: exploitation is local, requires an existing low-privilege account (PR:L), and carries an Attack Requirement (AT:P) - the software must be installed on a non-system partition, a non-default deployment. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario On a Lenovo Windows PC where Legion Zone or the Lenovo App Store was installed to a non-system drive (e.g. D:\), a standard local user replaces or drops a malicious executable/DLL in the world-writable application directory. …
Remediation Follow the Lenovo advisory at https://iknow.lenovo.com.cn/detail/441420 and update Legion Zone and the Lenovo App Store to the vendor-corrected version; the supplied data does not include an exact fix version, so treat patch status as 'Patch available per vendor advisory' and confirm the fixed build against that page. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, conduct a complete inventory of all systems running Lenovo Legion Zone or Lenovo App Store (specifically China-market builds) and identify which installations exist on non-system partitions; flag these as high-priority assets. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-9046 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy