Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6231

An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying an application configuration file.

Published

2025-07-17T20:15:31.537

Last Modified

2025-07-22T17:05:25.170

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-88

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	lenovo	commercial_vantage	< 20.2506.39.0	Yes
Application	lenovo	vantage	< 10.2501.20.0	Yes

References

https://support.lenovo.com/us/en/product_security/LEN-196648 Vendor Advisory ([email protected])