CVE-2025-13154

Medium CVSS: 6.8

An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges.

Vendor

Product

CWE

CWE-59

Yayın Tarihi

2026-01-14 23:15:55

Güncelleme

2026-01-16 15:55:33

Source Identifier

psirt@lenovo.com

KEV Date Added

Kategoriler

CWE-59 MEDIUM 2026

Referanslar

https://support.lenovo.com/us/en/product_security/LEN-208293