Skip to main content

System Interface Foundation

7 CVEs product

Monthly

CVE-2020-8346 MEDIUM This Month

A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Lenovo Privilege Escalation System Interface Foundation
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-8324 MEDIUM This Month

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Jwt Attack Information Disclosure System Interface Foundation
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-8319 HIGH This Week

A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Privilege Escalation System Interface Foundation
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-8318 HIGH This Week

A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Privilege Escalation System Interface Foundation
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-6189 HIGH This Week

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Lenovo Information Disclosure System Interface Foundation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-6186 HIGH PATCH This Week

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Lenovo Information Disclosure System Interface Foundation
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2016-8223 HIGH PATCH This Week

During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft RCE Privilege Escalation Lenovo +1
NVD
CVSS 3.0
7.8
EPSS
0.0%
EPSS 0% CVSS 5.5
MEDIUM This Month

A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Lenovo Privilege Escalation +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Jwt Attack Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Privilege Escalation System Interface Foundation
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Privilege Escalation System Interface Foundation
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Lenovo Information Disclosure System Interface Foundation
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Lenovo Information Disclosure System Interface Foundation
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft RCE +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy