Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-4130

A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges.

Published

2024-10-11T16:15:13.840

Last Modified

2024-10-17T19:41:06.967

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-427
Type: Primary
CWE-427

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	lenovo	app_store	< 9.0.17	Yes

References

https://iknow.lenovo.com.cn/detail/423563 Vendor Advisory ([email protected])