Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6230

A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute limited SQLite commands.

Published

2025-07-17T20:15:31.383

Last Modified

2025-08-19T16:32:52.043

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-89

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	lenovo	commercial_vantage	< 20.2506.39.0	Yes
Application	lenovo	vantage	< 10.2501.20.0	Yes

References

https://support.lenovo.com/us/en/product_security/LEN-196648 Vendor Advisory ([email protected])