CVE-2019-6177 HIGH

CVE-2019-6177

Vendor Lenovo
Product Solution Center
Published August 21, 2019
Last update September 16, 2024

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Lenovo Vantage or Lenovo Diagnostics in April 2018.

Key dates

02Disclosure timeline

August 21, 2019 CVE published
September 16, 2024 Record updated