299
CVEs
12
Critical
135
High
0
KEV
15
PoC
111
Unpatched C/H
25.1%
Patch Rate
1.1%
Avg EPSS
Severity Breakdown
CRITICAL
12
HIGH
135
MEDIUM
145
LOW
6
Monthly CVE Trend
Affected Products (30)
Linux Kernel
27
Thinkcentre M625Q Firmware
17
Thinkcentre M80T Firmware
16
Thinkcentre M80S Firmware
16
Thinkcentre M90T Firmware
16
Thinkcentre M90S Firmware
16
Thinkcentre M70S Firmware
15
Ideacentre 5 14Iob6 Firmware
15
Thinkcentre M70Q Firmware
15
Thinkcentre M70T Firmware
15
Ideacentre 3 07Imb05 Firmware
15
Ideacentre G5 14Imb05 Firmware
15
Ideacentre Gaming 5 14Iob6 Firmware
15
Thinkcentre M75S Gen 2 Firmware
15
V30A 22Iml Firmware
15
Thinkcentre M80Q Firmware
15
V50A 22Imb Firmware
15
V50A 24Imb Firmware
15
V50T 13Imb Firmware
15
Thinkcentre M90Q Tiny Firmware
15
Thinkcentre M630E Firmware
15
Thinkcentre M70C Firmware
15
Ideacentre 5 14Imb05 Firmware
15
Thinkcentre M75N Firmware
15
V50S 07Imb Firmware
15
Thinkcentre M90A Firmware
15
Thinkcentre M75T Gen 2 Firmware
15
Ideacentre Creator 5 14Iob6 Firmware
15
V50T 13Imh Firmware
14
Ideacentre Gaming 5 17Iab7 Firmware
14
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2012-1195 | Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.5%. | HIGH | 7.5 | 86.5% | 159 |
PoC
No patch
|
| CVE-2012-1196 | Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.4%. | MEDIUM | 5.0 | 77.4% | 137 |
PoC
No patch
|
| CVE-2015-2219 | Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses predictable security tokens, which allows local users to gain privileges by sending a valid token with a command to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 29.6%. | HIGH | 7.2 | 29.6% | 101 |
PoC
No patch
|
| CVE-2018-14066 | The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 0.4% | 69 |
PoC
No patch
|
| CVE-2026-58583 | Local privilege escalation in the FluxInk (formerly Sunia SPB Peripheral) Color Management Driver TcnPeripheral64.sys version 1.0.7.2 lets a standard user map arbitrary physical memory via the \Device\PhysicalMemory object and gain kernel-level control. The flaw affects Lenovo systems shipping this signed color-management driver and is fixed in version 1.0.7.6. Publicly available exploit code exists; there is no public exploit identified as actively exploited (not in CISA KEV), though the vulnerability was reported by CISA (cisa-cg). | HIGH | 8.4 | 0.1% | 62 |
PoC
|
| CVE-2017-7293 | The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.8 | 2.1% | 61 |
PoC
No patch
|
| CVE-2015-6971 | Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.8 | 0.1% | 59 |
PoC
No patch
|
| CVE-2015-8110 | Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.8 | 0.1% | 59 |
PoC
No patch
|
| CVE-2021-3633 | A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.8 | 0.3% | 59 |
PoC
No patch
|
| CVE-2022-0354 | A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.3 | 0.1% | 57 |
PoC
No patch
|
| CVE-2015-8109 | Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available. | HIGH | 7.0 | 0.0% | 55 |
PoC
No patch
|
| CVE-2017-3761 | The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host. | CRITICAL | 9.8 | 4.5% | 54 |
|
| CVE-2020-8353 | Prior to August 10, 2020, some Lenovo Desktop and Workstation systems were shipped with the Embedded Host Based Configuration (EHBC) feature of Intel AMT enabled. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. | MEDIUM | 6.7 | 0.5% | 54 |
PoC
No patch
|
| CVE-2013-1361 | Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available. | CRITICAL | 9.3 | 5.4% | 52 |
No patch
|
| CVE-2017-3758 | Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. | CRITICAL | 9.8 | 2.4% | 51 |
|