Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local vector and existing low-privileged authenticated user give AV:L/PR:L; passive user interaction maps to UI:R; CWE-250 abuse yields full C/I/A impact with unchanged scope.
Primary rating from Vendor (lenovo).
CVSS VectorVendor: lenovo
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A potential vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code with elevated privileges.
AnalysisAI
Local privilege escalation to arbitrary code execution affects Lenovo App Store, a software-distribution client shipped exclusively on Lenovo devices in the Chinese market. A local authenticated user who can interact with the application can leverage its excessive privileges (CWE-250) to run arbitrary code at an elevated privilege level, with high confidentiality, integrity, and availability impact on the host. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to already be a local authenticated user (PR:L) on a device that has the Lenovo App Store installed - meaning a Lenovo device distributed in the Chinese market - and the flaw is triggered locally (AV:L), not over the network. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor CVSS 4.0 base score is 7.0 (High) with vector AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H, indicating a local attack vector requiring an already-authenticated low-privileged user plus some passive user interaction, but yielding full high impact to confidentiality, integrity, and availability once triggered. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A standard authenticated user (or malware running under that user) on a Chinese-market Lenovo PC interacts with the Lenovo App Store client and abuses its unnecessarily elevated privileges to run attacker-supplied code in the higher-privileged context, gaining full control of the system. The CVSS vector's UI:P suggests the chain also depends on some passive user action being present. … |
| Remediation | Consult and follow the Lenovo advisory at https://iknow.lenovo.com.cn/detail/441419 and update the Lenovo App Store to the vendor-fixed build; no vendor-released patch version was identified in the provided data, so the exact fix version must be confirmed directly from that advisory. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, identify and inventory all Lenovo devices running Lenovo App Store in Chinese market deployments and assess organizational exposure scope. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with eleva
Local code execution in Lenovo Legion Zone and the Lenovo App Store (China-market Windows builds) allows an authenticate
Local code execution in Lenovo App Store (Chinese-market distribution only) lets an authenticated local user abuse a pat
An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to ex
Same weakness CWE-250 – Execution with Unnecessary Privileges
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44977
GHSA-whrx-5ggp-j935