Skip to main content

Smart Connect

1 CVEs product

Monthly

CVE-2026-6511 MEDIUM PATCH This Month

Lenovo Smart Connect for Windows exposes an improper access control flaw that permits a local authenticated user to read files belonging to other users on the same machine. Discovered through Lenovo's own internal security assessment and documented under advisory LEN-218281, the flaw carries a CVSS 4.0 score of 6.8 with a local, low-privilege attack vector and high confidentiality impact. No public exploit code and no CISA KEV listing exist at time of analysis, limiting immediate risk to multi-user Windows environments where Lenovo Smart Connect is installed.

Lenovo Authentication Bypass Microsoft Smart Connect
NVD VulDB
CVSS 4.0
6.8
CVSS 6.8
MEDIUM PATCH This Month

Lenovo Smart Connect for Windows exposes an improper access control flaw that permits a local authenticated user to read files belonging to other users on the same machine. Discovered through Lenovo's own internal security assessment and documented under advisory LEN-218281, the flaw carries a CVSS 4.0 score of 6.8 with a local, low-privilege attack vector and high confidentiality impact. No public exploit code and no CISA KEV listing exist at time of analysis, limiting immediate risk to multi-user Windows environments where Lenovo Smart Connect is installed.

Lenovo Authentication Bypass Microsoft +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy